John's Musings


Yeah, Me Neither

How to use an UpConverter with SDR in GQRX

As with most geeky things I've found that NOBODY hardly puts those "seal the deal" details on the internet. Smart guys will say something like "balance the decombobulator" without actually telling you how to do it. Hey, they know how to do it and that's what matters.


In fact that is the whole premise of my webpage and my blog. To capture that minutia and those details and write them in a step by step easy to follow process.


First of all, what is an UpConverter? An upconverter allows you to get roughly between 0 and 24 MHz. There is where you find AM radio, Shortwave, and HF transmissions. Just beyond 24 MHz, and usually reachable with an upconverter is CB radio as well. So your basic SDR dongle doesn't quite reach that. Well actually one does. This one.



Here's how you do it in GQRX. When launching GQRX for the first time or while selecting "Configure I/O Device" here's how to get the HF frequencies........


Select the Realtek device and make sure the Device string says


rtl=0,direct_samp=2


beneath that set LNB LO to:


-125.000000 MHz




Score. You might need to make sure "No Limits" is selected In the "Input Controls" tab as well in order to properly tune.




That makes that RTL-SDR an awesome little device. For $25 and some geekery you can listen to HF band radio on the cheap. An upconverter always works best though.


Here are the other two I have. An AirSpy Spyverter and a NooElec Ham It Up.




For the NooElec set it up like below. It is ALMOST exactly the same as above. Simply hook it up, then remove the ,direct_samp=2 from the Device String. The LNB LO is also -125.000000 MHz. Here's a pic with me getting a great signal from the local AM radio (1450).





Lastly........The AirSpy R2 and Spyverter. Very similar but different values.


In the device string type:


airspy=0,bias=1

with an LNB LO of -120.000000 MHz




And Bob is your uncle.


The Outernet and Shit

You know what the internet is. Did you know there was such a thing as the Outernet?


The Outernet is sometimes called the "Library in Space" and I believe the intent was to bring news, weather, and Wikipedia (encyclopedia type information) to areas where there is no Internet connection. The Outernet can be accessed by using an RTL-SDR device with a special antenna and Low Noise Amplifier (LNA). Or you can buy a kit for $90 from here. I opted to go this route. All you need to get going is to write an image file to an SD card, insert it, and then align and lock onto the satellite and it will immediately start downloading.



What you get in the kit is a Dreamcatcher version 2.03 computer board with ARM processor which has a built in RTL-SDR. It contains the following as well for the antenna.


  • L-band SAW filter (1525 - 1559 MHz)
  • Two-stage L-band LNA with 34dB gain


Because the signal from the satellite is weak, it is my opinion that it's best just to buy the Dreamcatcher kit rather than source parts and use a Raspberry Pi plus RTL-SDR, plus filter, plus LNA.


So when you receive the kit you receive the board, antenna and patch cable. That's it. No instructions or anything. Luckily it is a piece of cake to get working with the latest software. Download the software from here. Be sure to read the Readme.txt file for instructions. It's the closest thing you'll find to instructions. Because I bought the kit from them it instructs you to use the image file for the active antenna. At the time of this writing it is skylark-dc-1706222246-active-antenna.img.gz. Uncompress this file. The unpacked file should be named skylark-dc-1706222246.img


Now the easiest way to get this on the SD card is to download a program called Etcher. Then you select your file, select your SD card (I don't have one plugged in in the image below but you get the idea) and then click the flash button. IT IS THAT SIMPLE.




Now install the SD card into the slot next to the LED's labelled SD0_OS. Then plug it in the wall. THAT'S IT. Well, not really.


Now you need to align the satellite antenna.


The board creates a WiFi hotspot called "Outernet" connect to that WiFI and type the following address into the browser:


outernet.is


You'll see this:

Log in with user= outernet

pass = outernet



This is what you see next.



Click the little blue button on the top left and a toolbar will pop up. Click on Tuner > Status



You'll notice I have a lock and that I'm downloading in my example below. Yours may say no to "Lock", at least until you align the satellite.



There are a couple ways to align the satellite. I found this to be the easiest way. Obviously you need to know where to start looking. The Satellite we want is Inmarsat 4-F3 and it is located a little SW of North America.



The easiest thing to do is get a compass app on your phone and an inclometer app. Turn the compass until your heading is 212 degrees (and this is of course dependent on WHERE YOU ARE). Different compass headings for different locations. And slightly different elevations as well.



You can also get that information from an IOS app called "Dish Align". Shows you on a map which way to point and even has tools to help you align. I personally thought it was easier to get a lock with compass and inclinometer.





Takes a while to download information. Text based news comes down fast, and wiki articles are a bit slower. The Wiki articles seem relevant to current events (at least initially). The first one to come down I think was "G20" and of course the G20 summit is going on currently.


The weather takes a while and maybe it's because it is only published every so often daily. Might be a timing thing?. After 12 hours or so all I have are Ocean Currents data. Still.........it's cool.








Anyway, this is cool. Power goes out, internet goes out............betcha that satellite doesn't go out. You can still track news, and weather.


Well it took a while but I finally got the weather data! Here is wind, followed by heat.




And here are the various options for display. Quite a few things to display including precipitation. And the map zooms in.



YOU IS A SATELLITE HACKER AND SHIT.

Comments

Survival Computer

We all have computers however they are more and more reliant on an internet connection, but what do you do when that internet connection is gone? Seems everyday on the news they are saying North Korea will pop an EMP off rendering the US power grid toast. I'm not really thinking that may happen but I live right in the chute of a hurricane tunnel. That's a lot more likely and I'm liable to be without power for a few days. I have a generator but what if that high speed internet connection isn't working? What if cell service is out? I've decided to dedicate one laptop to the task of being an Over The Air (OTA) device, non-reliant on the internet.


What can a computer do that isn't hooked to the internet? Quite a lot actually. Here's a few things you can do:


  • Watch digital over the air television
  • Listen to FM or AM radio
  • Listen to Shortwave Radio
  • Listen to Amateur Radio
  • Listen to emergency service transmissions such as police, fire, weather, etc.
  • Decode NOAA Weather Satellite Images
  • Detect Aircraft Overhead


Not a bad list, huh? So the big hurricane hits and all the power and utilities are out it almost seems like a must to have all this. Here's what you need to get started.

  • Laptop - I prefer an older Windows Vista / Windows 7 era laptop. They are plentiful, cheap, and many of them had Core Duo processors which are now dirt cheap. You could take an old Core Duo and slap a higher end chip in it for a few dollars. I took an old Dell 1545 with a 2.0GHz CPU and put a 2.80 GHz chip in it for $15 I think. A quick eBay search shows you can get an X9100 3.06 GHz CPU for about $15. Then again a Core Duo 2.0 does the job here almost as well. Go to BestBuy and look at laptop chip speeds now. A girly 1.8 GHz Celeron or some AMD low power thing. They are designed to last forever on battery and frustrate you with their lack of CPU and graphics speed. I don't care if you think these laptops are old but a Core Duo 3.06 GHz CPU running on Linux KICKS ASS.
  • Operating system. You can use Windows here but if you have an old laptop with say Windows XP or Vista you'll probably want to upgrade WHICH COSTS MONEY. I use Linux which is FREE and does everything we need to do nicely here. I like LinuxMint, Debian, and Ubuntu. For this project I used Ubuntu Desktop. If you read the page it recommends 2.0 GHz as the slowest chip. There are a million flavors of Linux and some that don't need much horsepower such as Lubuntu.
  • RTL-SDR Radio - Get this one if you can. $25 and it comes with a decent sized whip antenna.
  • TV Tuner - Hauppauge X Box Tuner for aprox. $50 I guarantee you can find cheaper TV Tuners but I know this one works with Linux and I know it works WELL. They sell a Hauppauge HVR-955Q for about $70 but I read somewhere this X Box Tuner is the exact same hardware. I also own the 955Q and it works awesome as well.
  • Antenna - I won't run too deep here but you can buy a cheap discone antenna from the internet which gives good broadband coverage. A $25 cheap Yagi TV antenna will work well here too. Heck you can MAKE YOUR OWN ANTENNA as well for next to nothing. If you live in a high signal area the whip antennas that come with the devices may be enough. With the cheap whip with my TV Tuner I get 12 Channels in New Bern, NC. 3 major affiliates with local and national news. I think if the stuff ever hits that fan that is what I'm shooting for anyway. Just note that if you want to decode satellite images you may need a handheld, tuned antenna or a DIY type antenna specific for that application.

As far as Linux software goes you'll need something called GQRX and Me-TV. If you are using Windows you can get a free program called SDR# (SDR Sharp) for the SDR Radio.


Here's a screenshot of Me-TV and of course the picture will go full screen if you want it to. You even get a free electronic program guide (EPG).



Here's GQRX pulling in a local FM radio station.



The SDR Radio I linked to above will do HF, which encompasses Amateur and Shortwave and AM radio as well. It's just a little geeky to get going but this device will do all the necessary bands. There are other, cheaper RTL-SDR USB radios but they don't natively do HF, AM, Amateur, and Shortwave without an UpConverter which will make you another $40 or so lighter in the wallet area. And before you ask, yes I have an UpConverter too.


Downloading NOAA transmissions is a bit geekier and can be done easily in GQRX. I have on overview on my page here for doing it. Basically you need GQRX, sox, and WXtoIMG. A program called GPredict is also a necessity for tracking where the satellites are. All these programs are free. Here is GPredict configured with my favorite satellites. We can see that NOAA 19 is right over the top of me.



See the biggest circle on the page around North and South America? That is INMARSAT 4-F3. It is in geosynchronous orbit over the Americas. Its job is to be a library in space called Outernet. Get it? Internet, Outernet. By the way you can connect to it with an Outernet Dreamcatcher Kit. I have a kit in the mail I'll review later. So.... imagine power has been out for a while. You can hit the satellite up everyday for weather, news, and encyclopedia information. Seems pretty useful to me.


But the ability to predict the weather is PRICELESS if you are in a no power, no communications situation. I am really not kidding. You can get this quality of satellite imagery (below) from a $25 SDR Radio. Wouldn't it be nice to keep a close eye on that hurricane approaching?




Having an SDR radio in your hurricane kit is as valuable as a few cases of water, canned meat, and gasoline. YOU NEED ONE OF THESE.

Comments

Software Defined Radio

Software Defined Radio - What is it? Most of us think of it as a hardware device and it is but it passes many critical functions off to the host computer and as the name implies most of the magic happens in software. We're going to focus on something called RTL-SDR which is usually a USB device that contains an RTL2832U chip. These are usually TV Tuner devices. But they do much, much more than act as TV Tuners. Much more. There is a list of items a simple $20 USB RTL-SDR can do on this page. This is the most concise list I have seen to date.


NOTE: THIS IS CUT AND PASTED FROM THE LINKED WEBSITE ABOVE. NOT MY LIST.


The RTL-SDR can be used as a wide band radio scanner. Applications include:


Look at that list. That's insane. All that stuff you can do with this:




Here's the quickest of the quick things you can do with it. Download a program called GQRX. Plug stick into computer (I'm using a Mac). Select the stick in GQRX.



Tune into a local FM radio station. Make sure that MODE is selected to FM Mono or Stereo. You need a faster computer to do stereo.





Now with a proper antenna you can listen to Police, Fire, Aircraft, Ham Radio Operators, CB Radio, Baby Monitors, Cordless Phones, Satellites (not kidding), the International Space Station (so not kidding), Boats, Weather Balloons.......like I said.....this is insane.


I have a handheld antenna tuned to about 138 MHz. I can use software (GPredict) to track satellites then when, say a NOAA weather satellite comes overhead I can download and decode the signal which turns into that picture you see on the Weather map on the news every night. YOU CAN DO THIS IN YOUR OWN BACKYARD.


Here's a pic of Tropical Storm Cindy sneaking up on Louisiana.




Here's another thing you can do. Track Aircraft. This is done with a Raspberry Pi and an RTL-SDR. These are the planes flying over my house as I type this. Pretty cool, huh?





Now picture this. The shit has hit the fan. There's no power but you have a generator and can charge a laptop. You have a TV Tuner, FM Radio, Aircraft Tracker, that by God can tell you if terrible weather is inbound. I would say this is much more than a hacker toy. This is a vital piece of survival equipment.


Actually I'm not totally sure you can watch TV on this as it is a PAL receiver and the US uses ATSC. I guess you could get an up converter or you could just buy a US TV tuner USB stick for another $30 or $40. I have a Hauppage 955Q. Most laptops have multiple USB ports. SDR in one, TV Tuner in the other and you are ready for any emergency.


Anyway you NEED one of these. You don't just want one. You really need one of these.


Although I'm not a preparedness guy I wrote an article once for a cool website called ruralsurvival.info It's pretty similar to this page but goes into some more specific details.









Comments

iPhone Tethering with Router with DD-WRT

Suppose you are a very low usage internet person. Check email and read FoxNews once a day. You probably have a smart phone that has a Hotspot. My phone plan is Unlimited Data with 10 GB's of hotspot per month. That's so you don't share with 90 people and everybody rides for free. I know many people who don't use 10GB of data a month. Also I have an iPad that gets 20GB a month so that's 30GB's a month I can use that I seldom do use. I could almost fire the cable internet company.


Or lets say you want to surreptitiously run a wifi network at the office so you can check cutekittens.com which you know you aren't supposed to do on the work network. Or lets say you're somewhere and don't trust that network but you need to hook up multiple devices or you need a little better range than what you get with the phone or iPad.


You can also add an ad-blocker, run a VPN server, block web sites........stuff that you can't do on that phone or iPad.


I've found a good solution that is inexpensive, lightweight and not too obtrusive. We're going to hook our iPhone or iPad to the router and use it as a WAN connection so we can hook up to the wifi of the router.


The D-Link DIR-860L version B1 goes for about $40. It's very lightweight and about the size of couple of coke cans. Probably more suitable for a suitcase than a big rectangle with antennas sticking out all over it.



First in order to pull this off we need to install DD-WRT. Open a browser and type "ftp.dd-wrt.com" On Mac it asks if you want to open in finder. You can do that or just navigate via the webpage. Go to Betas > 2017 > the newest one > D-Link DIR-860 and grab the factory to dd-wrt file. Make sure you get the correct version. I have version B1.



Now log in your router interface and flash the file you downloaded. Sorry, no screenshot here. It takes 5 minutes or so but the address of the router will change to 192.168.1.1 and you'll have an open wifi network called "dd-wrt"


Once you go to the main setup page after setting a password you set your WAN connection type to "iPhone Tethering".



No go to "Wireless" and "Wireless Security" to change your SSID (if you want to) and to enable a password.


Go to Settings on your iPhone and turn off wifi and personal hotspot. Now plug your iPhone into the USB port on the back of the router. It will ask you if you want to Trust the Computer. Click yes.




Now turn on Personal hotspot and it should ask you to turn wifi on. Click yes.




Now in DD-WRT do this:


Next on the top bar click the tab that says "Status" and then "Site Survey"





Your phone will be listed in there somewhere and you may have to click the "Join" button (not depicted) Once you do that it will show up as a wireless node.


At this point you should be connected and you'll see a blue bar at the top of your iPhone page indicating a connection. After the site survey you may have to turn off wifi and personal hotspot and then pull the plug from the iPhone and start again with "Trust this computer". It takes a time or two maybe the first time you do it but after you get the blue bar you are using your iPhone as a WAN device on the router. Now you can connect to the router with it's wifi.







Yer doing it! You have successfully used your phone to provide internet to a router. Your telephone is acting like a cable modem. Depending on where you are you'll top out at 4G speeds.


Remember the data you use from hooking to the wifi on the router is part of the Hotspot data. Don't watch Netflix unless you have an unlimited hotspot plan.



Comments

Synology RT2600AC Review

I'm a firm believer that a stock router from Walmart or Target is wildly ineffective and minimally secure. I'm also a firm believer that you have to be a lot different from the crowd and that act itself makes you a little more secure simply because it makes you not as soft a target. Some ways to be different are to run open source firmware such as DD-WRT or LEDE. Yet another way is to get a non mainstream router such as a Synology RT2600AC. It has some great features not found on many regular routers.


First of all it does one amazing thing not found on almost any other router. IT MAKES YOU CHANGE THE DEFAULT ROUTER PASSWORD. Most routers steer you towards a hardened WIFI password while completely ignoring the actual "hooked directly to the internet via ethernet" connection. Default passwords are published on the internet. If your wifi has a gaping hole somebody has to be within 300 feet or so of you to exploit it. If your router is PHYSICALLY connected to the internet with a default password of admin / admin or admin / password then you're a sitting duck. MOST PEOPLE DON'T CHANGE THEIR DEFAULT ROUTER PASSWORDS. A blind kid could hack you.


It also has a unique feature where you can schedule the wifi to shut off. If you go to bed at, say 10 PM every night, why leave your wifi on? It can't be hacked if it isn't turned on. This router also has a button on the side where you can manually turn wifi on and off. What a concept!


Also you can schedule the LED lights to turn on and off at certain times. Nice to extinguish the flashing distractions especially if your router is in the bedroom or next to the TV you're trying to watch a movie on.


Because Synology routers are not really mainstream or sold in huge quantities they're a less attractive target.


What's the downside you say? It's a little tougher to set up. A bit more geeky. Another bizarre thing I noted was that as soon as I set it up it told me the SRM (firmware) needed to be updated. So I updated. It took longer than most routers AND when it was finished and just for fun I asked it to check again it found yet another firmware update. Apparently the upgrades are incremental. That's not very intuitive. Finally it tells me it's up to date!



Take notice of the control page here. It looks more like an operating system than a router configuration page. And of course it is. And of course they all are but this has a way different feel to it. This is like your basic window type graphical user interface. This router feels more like a Office/Small Business router rather than a home router. It is definitely a few steps up from a bottom shelf router at Walmart.


There is a Package Center where you can add packages (apps) to give increased functionality. This router provides excellent hardware specs to run a VPN Server and it has one of the easiest implementations of setting up a VPN server and providing client configurations to put on your devices. It's easy. It also can auto configure your firewall to keep the VPN from getting blocked. The only thing about that I didn't like it that it asked to open the ports for every kind of VPN the device supports. There is no reason to open the ports for an L2TP or PPTP VPN if you are running an OpenVPN instance. Advanced users will know to uncheck the radio boxes for those unnecessary ports but I don't think a first timer would. Never have open ports on your firewall that you don't need or intend to use. It's an open door or at the very least a poorly locked door with a really cheap lock on it.


Also it has a package called Intrusion Detection (Beta). Synology defines it as this:


Intrusion Prevention guards your Synology NAS from network threats, and identifies malicious packets to prevent your Synology NAS from infection and data compromise.


Other devices do this as well. For example my pfSense hardware firewall uses a program called pfBlockerNG which is similar. I'm sure the concept is the same. After reading through some forum entries I'm not sure this is smooth and polished yet. Without having deployed this at all I can tell you that many times these things are too restrictive. You just want to go to some website and it's blocked or elements of it are blocked. Then you go in the program and try to find the "rule" that blocked it. Many times you end up clearing the log and trying to recreate the problem so you can identify it so you can whitelist the problem. It's network administrator stuff, not Jenny from the Block stuff.


But if you put in the time and effort you'll have a decent intrusion detection system. Will it keep the NSA out? Ha. Doubtful, but it will keep out some segments of exploit attempts. I doubt a nation state or super hacker wants in your computer. It's the people scanning for social security numbers, identity theft mining, and pictures of wife getting frisky after the Christmas party with the new GoPro she got you that you are worried about.

Comments

Home Automation - The Struggle is Real

Decided to make some upgrades to my oh, so perfect home automation system and alas, this is when you find the struggle is real. Everyone that comes here is impressed with the setup but there is a lot that goes on behind the scenes. Home automation is not quite ready for the casual user.


But alas, it is. Go in any department store and they sell home automation hubs, which connect to all these devices and, yeah, it kind of works but you don't have tons of control over the user interface and you can't get under the hood to fix problems that pop up, and oh brother do they pop up. And while home automation is getting wildly popular, it isn't well thought out in my opinion. Picture this: You have a $70 light bulb in the lamp next to the bed or in the hall. Do you really want to fumble around in the dark to find your phone to scroll through screens, to find the app, to turn on the light so you can go to the bathroom or let the dog out? Or how about this "ALEXA, TURN ON BEDSIDE LAMP" when your lovely sleep deprived wife is laying next to you. Go ahead, it'll be alright. Automation is cool! So is practicality.


Sadly to integrate automation successfully it needs to also be manual, just like the home of old. A little kid needs the lights on too. And when you have tons of devices, who can remember the names of them all the time to trigger them from Alexa? Was that "Front Window Lamp, Light, or Outlet? How do you change intensity? Get this: I have a GE 12730 Ceiling Fan Switch.


GE 12730 SMART FAN CONTROL




$45 and it controls a 3 position ceiling fan motor at, low, medium, and high. It's awesome, hold the switch up a second or two and the little blue light flashes and it turns up a notch. Turning it down works the opposite. The nice folks at Home Assistant incorporated it into their program and you can manually select the speed as well.





Really nice as well, but how do you voice trigger it? By golly, like this: "ALEXA SET BEDROOM FAN INTENSITY TO 66" 33=low, 66=medium, 99=high. By golly, that's intuitive. Try remembering that at 3 AM when it's stuffy and you want the fan speed up. Not medium, Sixty-Six. Awesome.


And while we're on the subject of Fan Switches......GE makes another one. The box looks identical except on the upper left corner of the box face there is no model number. That my friends is a GE 14287 switch which by golly isn't yet really supported by Home Assistant because it hasn't seemingly been added to the OpenZWave manufacturer_specific.xml file. Awesome! What the hell does that even mean? It means your $45 dollar switch doesn't work yet unless you have one of the home automation hubs on the box, and I've seen discussion that they don't always work yet either. It's too new.


So you try to name things with common names you can easily remember. I have a vacuum tube amp and preamplifier. The preamp is called a Bottlehead Foreplay. Try as I might Alexa will not voice command it. If I say "ALEXA TURN ON BOTTLEHEAD FOREPLAY OUTLET" it starts playing music through the Echo Dot. I'm so not kidding. So I had to rename it "Foreplay" because I can remember that. When I show off my system almost invariably the first thing someone asks is "Why do you have a device named Foreplay and why would it burn down your house?". And then I get that Ahhhhhhh.........you dirty old man look, usually followed to a punch to the shoulder. Man acceptance.



I love my home automation system, but I fear I'm the only one that can work it. It runs from an Aeotec Zwave Stick in a Raspberry Pi 3 and I have about 40 devices. The subsequent configuration file THAT YOU HAVE TO HAND CODE is about 700 lines long. Hey, anybody can do that right? But my implementation is better than one of these generic hubs that make you follow their methodology. And what do you do when you have 40 devices and then number 41 won't name correctly. That happens. You gonna reset the whole device and start over because you can't dig around under the hood and get in the weeds because you have a hub that won't let you?


Home Automation = COOL!

Home Automation = Frustrating




Open Source Firmware for Routers and Shit.

Sigh. I'm always touting network security and I'm firmly of the belief that one of the best things you can do is to buy a new router and install Opensource Firmware on it such as DD-WRT or LEDE. It's a GREAT first line of defense. In general the firmware is much less prone to exploits, the code is open and when exploits are discovered, the geeks on the projects close them fast. Ok you're sold.


NOT SO FAST!


I've been running Open Source firmware exclusively for years. I won't run any manufacturers firmware at all. So when somebody releases a fancy pants new router and I see it is supported by the Open Source community I get all excited, buy the router and then find out that while the router works it has all kinds of bugs and problems and well, just doesn't work good at all.


Case in point. Linksys WRT3200ACM. On the product web page it says that it is "Open Source Ready" with OpenWRT and DD-WRT.


Let's dissect that statement, shall we? OpenWRT is basically a dead duck. Its developers jumped ship to a new program called LEDE, so technically it's still there but also no great strides are being made. So that's sorta true but not good news. Also what they don't tell you is that the wifi chip uses a driver called "mwlwifi" which is made by Marvel and the driver is PROPRIETARY. So if you buy the router and use the driver Linksys paid for it'll work but if you use DD-WRT and LEDE the Open Source driver is still under development with all kinds of bugs.



So they tighten the driver up real nice and I'm ready to deploy my brand new shiny WRT3200 and lo and behold none of my Internet of Things (IoT) devices with ESP8266 chips in them will connect to the router. I have exactly 10 Home Automation devices in my home that will not connect to this router. That is a problem. A big problem.


JUST BECAUSE A ROUTER CAN USE OPEN SOURCE FIRMWARE DOESN'T MEAN IT CAN USE IT WELL.


So I have this router that cost $200 (I paid $119 for a refurbished one) that I can't use unless I use the factory software on it which I refuse to do.


So you really need to do your homework before you decide to run Open Source Firmware. There are hundreds of devices that can run Open Source Software. There are so very few that do it well. Here's a short list.


- Netgear Nighthawk R7000 I know what you're thinking. This is an old router. Comparatively it is older, however it is still way more router than anyone needs. The router is an AC1900 and reading the box leads you to believe you get 1900 MBPS speed. WAY UNTRUE. That is the combined speed of the 2.4 and 5 Ghz networks. You can't get that speed. In fact, look at this:



I'm in the room next to my router and I connect at 527 Mbps. In fact my MacBookAir maxes out at 867 Mbps so why would I need a router any faster than that. 1300 Mbps on the 5 Ghz band is unachievable. Now tell me again how this is an old router. The R7000 still has a very active community and it is still used by a lot of the super geeks. Years of development have gone in this platform make is super fast, and super stable and secure. That's what we're shooting for. In fact, the R7000 is my number one recommendation.


What are the cons? It's friggin huge. That's about it.


- Netgear R7800 - Ok, you have to have new, I get it. This is what you want. This is the current darling of the Open Source Firmware community. In fact you may want to explore the installation of LEDE firmware for this bad boy. In my mind LEDE is a little faster, a little more secure and a little more stable. I could be wrong about that though but that is my gut feeling. I have an R7800 that I use for my guest network and it runs LEDE and I love it. In fact I installed LEDE and haven't touched it since. It's super stable and I get high wifi speeds over great distances.


- DLink DIR-860L version B1- The reason there are two hot links there is because the B1 version is HARD TO FIND. The amazon link is a version A1. The DIR-860L is the best "cheap" router you can get. You shouldn't pay more than $40 or $50 for it. Also it doesn't have big honking antennas on it so it's better suited to small homes and apartments. The guys at LEDE are working hard at making it faster than Richard Petty on crank as well. It's an amazing little device.


- Archer C7v2 - This router came out a couple years ago and had bells and whistles on it that only much higher priced routers had at the time at a fraction of the price. It immediately became a hit and that hit gravitated over to the Open Source Community. Good solid builds for this device and excellent open source support for its Qualcomm Atheros wifi chipset. Can't go wrong with this router.


In my mind that's really about it. Honorable mention to Linksys WRT1900ACS. Although it also has Marvel wifi drivers in it they cracked the nut for that particular chipset a while back. The WRT3200ACM remains problematic. I have a WRT1900ACS as the main router in my home with DD-WRT and it works flawlessly. I have a build from late March and my understanding though is that some of the newer builds have problems as well.


I realize that most people don't have the know how to flash routers and understand what chipset is better supported than other ones but that's why us geeks are here. Hug a geek today.

More Router Security

The other day I made a Facebook post which got more attention than I expected. I told the story of an acquaintance of mine who heard I was "the router guru" and who contacted me because their monthly internet data usage from the cable company spiked in a HUGE way. She contacted the cable company who came out, told her she'd been hacked and she needed to change her passwords and drove away. No help at all.


And on top of it they told her she would have to pay for the overage because she was using her own router and not the cable company's which I find to be very bizarre because cable companies use combo modem/routers which have just about the worst track record for security imaginable. However, if I owned the cable company that would probably be my bottom line fiscal policy as well. Guess it depends which side of the fence you sit on.


I've been trying to raise awareness for home network security in my circle of friends for some time. Most probably just tolerate my posts as most folks aren't as geeky as I am. I get that, I really do. And when you learn some giant tidbit that excites you regarding computer security there is no one to tell that understands it, so I tell Mr. FaceBook. So everybody probably just thinks I'm that crazy geeky guy with a poodle.


And most people have this attitude about hacking..........."I'm not very interesting. Anybody who hacks me is wasting their time. I don't have anything important on my computer I care that much about.


And you know what..........For the most part, for most people, that may be true.


But then this thing happens. Lady is minding her own business, not hurting anyone, someone hacks her and then IT COSTS HER MONEY. She was the victim of a crime that had a fiscal impact. Believe me when I tell you folks......this can happen to you too. Someone can steal your data which can cost you money.


Getting hacked could cost you the Presidency as well. :) Ask Hillary Clinton.


Getting hacked also could reveal all your emails which reveal you to be a Spirit Cooking, UFO nut as well. Ask John Podesta.


It could cost you your job. Ask Debbie Wasserman Schultz or Donna Brazille.


All these things happened. Sorry if that offends your political ideology, but they happened.



Let's say I'm a black hat hacker and lets say I deal in images for money. You can use your imagination here. Naked pics of celebrities, kiddie porn, whatever. You don't think I'm storing that crap on my computer, do you? Nope, I'll store it on YOUR network and sell links to the images. SUDDENLY YOU ARE COMPLICIT IN A CRIME.


Okay, lets get real here. When the investigators roll in it won't take them long to figure out it isn't you. You probably will never see the inside of a booking room or cell but oh what a pain in the ass it will be when they knock on your door and take your stuff.


Here's another scenario. I break into your network and hack a computer or all of your computers and turn them into my evil bots. I use them to attack other computers. You don't think I'm gonna hack the Pentagon from my computer, do you? Nope, I'd do it from your computer. You don't think I'm going to do a Denial of Service Attack from my computer, do you? Are you beginning to get the picture here?


So why are you so vulnerable to attack? First of all lets discuss how you connect to the internet. Generally in this day and age it's via a cable or satellite modem, hooked to a wireless router inside your home. There are combo devices which do both as well. Or you can connect via a MiFi brick which is becoming more and more common as well but that's a discussion for another day. It's still just an access point.


Now let's go to the store and go router shopping. Look at the boxes. They all tell you how FAST they are, but look for a box that tells you how safe and secure it is. You won't find one. Why? Because they aren't the least bit safe or secure. I've said this before and it always bears repeating..........That router is designed for the stupidest person capable of opening the box getting connected to the internet easily without having to call their expensive tech support people on the phone lines.


Now, flip your router upside down. There's a sticker there that gives you an awesome WiFI password. ChittyChittyBangBang498374$%&)


And you know what? That's great. It really is.


EXCEPT FOR ONE THING. YOUR FUCKING ROUTER IS CONNECTED DIRECTLY TO THE INTERNET VIA AN ETHERNET CABLE TO THE MODEM AND THAT INTERFACE HAS A PASSWORD TOO! Wanna guess what that password is?


I swear to God it is usually "password", or admin, or NOTHING. Nothing filled in the password block. I AM SO NOT KIDDING.


Don't believe me? Google up "Netgear default password", "Linksys default password".........whatever.


Most people NEVER change this password. When you boot into the router software to set it up IT DOESN'T PROMPT YOU TO CHANGE THIS PASSWORD.


Why not? Because the stupidest person capable of opening the box will change it, screw something up, then call tech support and tell them "I dunno what my password is". And then they have to pay the tech support person to sit on the phone with that person for 30 mins to an hour teaching them how to reset the router and starting all over again.


There is no security folks. Most of you have a 5 year old router, with 5 years of dust on it behind your TV that you've never updated, and certainly never changed the password. When you read the news and it says "The hacking group Anonymous took down Coca-Cola corporation today with a Denial Of Service Attack using 500,000 bot computers....." Guess what? You're one of them. Maybe two of them. Maybe even three of them.


If I'm a super skilled hacker I can break in your router EVEN IF you do all this because the router manufacturer puts software designed for that stupid person on the device that's full of gaping holes. Even if you do change your passwords which is a must, there are other ways to break in. Someone can probably always break in but for God's sakes don't make it easy. The super hackers don't want to look at pics of your grandkids. You're no great prize to them. But to the 14 year old hacker in Prague you are. All the people who think they have skills can get in, they will, and they'll steal your data and THAT CAN COST YOU MONEY.


You should do the following things at a minimum:


- Call the cable company as ask them to provision your modem and install the latest firmware on it. They are supposed to do that. By the way modems are hackable too. Google up "Arris Surfboard hacks". Most home users have an Arris Surfboard modem. Walmart and Target sells the shit out of them.


- Buy a modem that can install third party firmware such as DD-WRT or LEDE and buy a geek a pizza and a six pack to configure it for you. I myself like combination pizza and Michelob Ultra.


- Change the router password in addition to the wifi password.


- Turn off remote management,ssh, telnet, and Universal Plug and Play (UPnP). The only way you should be able to interface with that router is through an ethernet cable hooked directly to it or via wifi.


- Get a hardware firewall appliance. pfSense is popular and it is FREE. You heard me correctly. It's free. Totally free. You can buy an old rack mount server on eBay for less than $100 that has the horsepower to run pfSense. THEN YOU HAVE A HARDWARE FIREWALL RIGHT AFTER THE MODEM AND RIGHT BEFORE THE ROUTER. This will cost you several pizzas and a case or two of beer. Money is also accepted.


There's much more you can do to protect yourself. Right now you're making it too easy for the bad guys. And it could cost you.



DD-WRT OpenVPN

Okay this is harder than it should have been. Tons of information on the internet, NONE of it in one place. Why, SpongeBob, why?

This is a tutorial done on a Linksys WRT3200ACM with BrainSlayer DD-WRT dated May 27, 2017. And I'm doing this from a Mac. If you are doing this from Windows or Linux you need to ask Mr. Google what to do.

First we need a program called Tunnelblick. Download and install it.

Now we need to make some encryption keys. Type the following in your Terminal program. And make sure you replace "john" with whatever your path name is.


$ cd /Users/john/Library/Application\ Support/Tunnelblick/easy-rsa


Or let me show you a cool Mac Trick. Go in Finder to the Library path above. Open Terminal and type cd and add a space. Then highlight and drag the easy-rsa folder into the terminal. It fills out that long complicated path for you.







We'll do some housework in the vars file by changing our locations and setting up a 2048 bit key.


Now type:

sudo nano vars


Now adjust the following parameters regarding your location and change the 1024 to 2048 as per the example below. Scroll down a bit until you find this section. Then change:

export KEY_SIZE=1024 to export KEY_SIZE=2048


A little further down where it says "These are the default values for fields" Fill in the information to match your key best. Make sure to uncomment the lines (if they are commented out) by removing the # in front of the word export.



Once that is done hit CTL +X and Y to save then run the following commands.


$ . vars
$ ./clean-all


This will create a directory called "keys" which will create server and client keys that you need to pull this off.


$ ./pkitool --initca


The command above will make your ca.crt and ca.key files


$ ./build-key-server server


This makes your server.crt and server.key files


$ ./build-dh


This makes your SSL/TLS parameters.


$ ./build-key john


This makes your client keys. You can name this anything you want. john, jane, phone, computer, mom, whatever.


The files circled are the ones you'll need for configuring DD-WRT OpenVPN. You won't have a "config" directory. I did that for convenience.




Now go to "Services > VPN > OpenVPN Server / Daemon and configure as below.



Add your keys by right clicking on them and Open With "Text Editor" and copy the contents between these two lines and make sure to include the Begin Certificate and End Certificate lines with all the dashes as well:


-----BEGIN CERTIFICATE-----

All the crap between these lines.

-----END CERTIFICATE-----


Paste these four fields in the corresponding boxes.


Public Server Cert = server.crt

CA Cert = ca.crt

Private Server Key = server.key

DH PEM = dh2048.pem



WHOOPS GOT THE CA Cert Field Copied Twice. Ignore please.


In Additional Conig add the following


dev tun0

keepalive 10 120

push "redirect-gateway def 1"


Now we need to set up our client certificate. Add the following by opening Text Edit. Make sure you are making a plain text doc and paste in the following. Make sure on the fifth line this points to your ddns server or static IP address (if your ISP gives you one). Make sure the three lines about the certs match the name of your certs as well. Mine are john.crt and john.key. Remember yours could be phone.crt or whatever. Also note that I have changed the VPN port from 1194 to 1195. It never hurts to take a service and move it to another port. Does that make you foolproof from hacking? No but it's another layer somebody has to punch through. Make it harder.


client
dev tun0
proto udp
float
remote yourddnswebsite.com 1195
remote-cert-tls server
tls-cipher TLS-RSA-WITH-AES-256-CBC-SHA256 
cipher aes-256-cbc
auth sha1
ca ca.crt
cert john.crt
key john.key
comp-lzo adaptive 
keepalive 15 60
resolv-retry infinite
nobind 
redirect-gateway def1


Save this file and call it


config.ovpn


and place it in a directory called HomeVPN with the following other files (or whatever you named your client keys)


ca.crt

john.crt

john.key


Now rename the folder from HomeVPN to HomeVPN.tblk


That will place the 4 files into one container.




You can now double click this container file to import into Tunnelblick. After configuring your firewall you should be good to go with your OpenVPN server.


If you have an iPad or iPhone download the OpenVPN app, then connect your phone or iPad to iTunes to sync. Go to "Apps" and scroll down the Apps page to the "File Sharing" section and then click on the OpenVPN app. Drag those 4 files in and sync again.




Now when you open the OpenVPN app it will ask you if you want to import the connection. It'll be ready to roll after we complete the following steps.



Now set up the firewall:


Go to "Administration > Commands" and insert the following then click on "Save Firewall"


iptables -I INPUT 1 -p udp --dport 1195 -j ACCEPT
iptables -I INPUT 3 -i tun0 -j ACCEPT
iptables -I FORWARD 3 -i tun0 -o tun0 -j ACCEPT
iptables -I FORWARD 1 --source 10.8.0.0/24 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j MASQUERADE
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT



One final step. Let's set up DDNS. This allows you to be able to find your OpenVPN server even when your ISP changes your IP address. If your ISP assigns a static IP address you don't need to do this.


There are a multitude of free DDNS servers out there. In this instance I used NoIP.com. Another favorite of mine is DuckDNS. With DD-WRT NoIP is in the drop down list which makes it a little easier to configure. Only bad thing about NoIP is that you have to confirm once a month that you are still using the DDNS. They send an email, and you update it. No biggie but a pain sometimes.


Once you create an account you can make a hostname, like yourlastname.ddns.net, or bigpoodleinthesky.ddns.net or whatever. Now go to Server > DDNS and fill in your account name, password, and hostname. When you click Apply it should say it updated successfully.




You should now be able to connect to your OpenVPN instance from an outside network. Congrats.

LED Strip Lighting

Home automation is kind of like a drug. The more you get the more you want. And the more you study and read up about it the more you see people messing with LED strip lighting. There are all kinds of LED strip lighting you can buy but I'll center this discussion around WS2811, 12 volt strips and WS2812, 5 volt strips. I only have one strip which is the WS2811 which I bought here for a little bit less than $27. You can get cheaper stuff on eBay as well. For my first excursion into this I wanted to make sure I had something tried and tested and I read several on line accounts of people who used these successfully. Here's what a cut shortened section looks like.




The roll you get is 5 meters long and has connectors on it. I just cut this section off to play around. See the line going through where the power wires get soldered onto on the left side are? That is the cut line. You can cut these strips to any length.


This is not a definitive work on LED strips but just my experience with this one strip. And my control mechanism is an MQTT server used under Home Assistant Home Automation software. I basically replicated the work of "Ben" and used his code. If you use Home Assistant software it's hard not to know who Ben is as he has made several great informative YouTube videos.


If you do not know what an MQTT server is or what Home Assistant is ..........move on quickly. You can however buy these lights as kits with RF controllers that have remote controls with them. Rather than just jamming power into it you power the RF controller which plugs right into the end of your LED strip and then you just click-ity click on the remote to get the colors you want displayed. Easy money.


By setting this up with MQTT and using an ESP8266 Internet of Things chip you can computer control your lights and make them part of your home automation which is what I've done here. My pic below is an oversimplification to be sure. Here are the parts you need:


12volt power supply. This can be a brick or a dedicated power supply. I got this one. It makes some noise as it has a fan for cooling which kicks on sometimes so if you need whisper quiet get a 12 volt, 10 amp computer type brick. Also since you have 12 volts readily available now it is best to get your 5 volts for the ESP8266 from a 12 volt to 5 volt step down converter. I used this one. Lastly you'll want a NodeMCU ESP8266 WiFi chip from here.


Also note on my pic below that that isn't the drawing for the LED strip I ordered above. It was as close as I could find. Ignore the markings on the drawing below but wire as depicted in my photo above.







The LED Strip you receive will have 3 wires connected to a plug already soldered on it. And you'll receive another plug with a short section of wiring with bare wires on the end. When I shoved these wires into the breadboard and the longest run of wire I had was about 6" it worked PERFECTLY. However when I drilled a hole through the wall, then routed the wires down to the noisy power supply in the garage the run was about 3' long. I had what I would call some data issues due to the length of the cable.


Here's the deal with that. The data signal coming off the ESP8266 pin D5 (as per the code, you could move the pin if you wanted to) is 3.3v. The data signal the LED Strip wants is 5v. If you have short wires, and maybe not a full LED strip this may in fact be adequate, however if you have long wire runs and a long LED strip you may need a Logic Shifter. It will shift your signal from 3.3v to 5v. Right at the moment I am not using a logic shifter but will probably add one. Just to be safe. I picked mine up here. Don't buy one up front until you know you need one.


One more gotcha here........The code that is written has all manner of cool animations. Your LED strip can be quite amazing however after running the animations for a few minutes it crashes. This seems to be a known issue and the code developer (Ben) is working on it. As it is the solid colors work fine for me. I'm not really into running animations on my LED strip, as I just wanted it for back lighting effects so I'm good!

NOTE: As of today, 2 June 2017, there seems to be a fix to the code which is working well so far! Told ya.





As you can see I laid mine on top of the decorative arch in my living room. It was the perfect length and it just laid down flat, no tape, no staples, nothing. I can remove it in moments if I need to.


I drilled a hole through my wall into the attic and then pushed the wires down into the garage.





There were some issues with this setup. The data wire (green wire on the left side of the ESP8266) was about 2' to 3' away from the actual LED strip. When I applied power the first three LED's immediately lit up. When I turned them on those LED's would behave as the others, same color and all and then when I shut the strip off the first three LED's would remain lit and color shift a bit.


I figured the data signal was corrupting or something so I took apart this rig and laid all the components out on a breadboard and laid them on top of my decorative arch right next to the LED strip. That worked GREAT but you could see the breadboard from the ground and when the LED strip came on it cast a noticeable shadow from the breadboard and components. That bothered me too much.


So I took a protoboard and soldered the NodeMCU in with a 3.3v to 5v Logic Level Shifter. This takes the 3.3v signal and amplifies it. I was then able to mount everything back in the garage.


Here's the layout.



And here's the real deal:



Now nothing is visible at all and the LED lights are in my mind professionally installed now.


Here a quick rundown of the system:




Best Router Deal in History with some caveats.

Ok the goal of getting on the internet at home usually involves having the cable company come out and give you a modem. You in turn need a router but you know deep down the cable company router is a screw job extraordinaire. So you go buy your own. You go to Walmart and buy the cheapest thing that says "REALLY REALLY FAST" on the box. And they advertise speeds that you can't actually achieve but that's a blog for another day!


Never mind.......I'll touch on it. I have a MacBook Air. Top wifi speed is 867 MBPS. I don't care how fast the router is..........the max speed I'm going to connect is 867 MBPS. See where I'm going with this? TEST QUESTION: So an AC 3200 MBPS router connects me at what speed? If you answered 3200 MBPS you are clueless and probably a democrat. The correct answer is 867 MBPS.


Also, look at the router box real close. See any discussion about security on it? Nope. You won't. Why? Because they aren't secure because the real goal is that the dumbest person who opens the box be able to connect to the internet without them paying a tech support person for an hour to help you on the phone. Isn't that swell?


So here's a banging banging deal on a router that nets you decent security as well. First of all we want a D-Link DIR-860L version B1. Go in any store that sells them and you'll likely get a version A1. We want the B1. Look carefully at the box. They're a little hard to find in the US but I found one on eBay for $40 here.





It looks different than most routers which are rectangular boxes. Now right off the bat I'm going to tell you that D-Link has HORRIBLE SECURITY but we're going to blast their router software and add our own. This propels the DIR-860L into beast mode.


We're going to use LEDE firmware. This is a little geeky but worth the effort. Go to this page and download this file:


Now I am having you download the Developmental version that has no graphical interface. There is a stable version that does have a graphical interface and that would make a lot of the steps below not necessary but we want to enable something called Smart Queue Management Quality of Service (SMQ QoS) which crashes on the stable version right at the moment of this writing (5 May 2017). So we use the bleeding edge version.



Now power up your router and connect to your computer through port number 1, not the one that says internet, the one that says port 1.


Now go to a browser after it boots and type this address in the bar. At this point do not hook the router to the internet. Crappy security, remember?


192.168.0.1


You'll see the router config page. It'll try to get you to configure the internet but just X out of all that and you'll land at this page:





Click on advanced and then UPGRADE. And make no mistake, LEDE is an upgrade!




Now flash that file you downloaded previously. It will take a few minutes and you won't really be able to watch it because the address will change from 192.168.0.1 to 192.168.1.1 Just let the page countdown to 100% and take a short break to be sure it gets flashed.


Now developmental versions don't have a graphical interface but it's no problem to install one. Open Terminal in Mac or Putty in Windows and go to 192.168.1.1. In Mac type this.


ssh 192.168.1.1 -l root


That's a lower case letter L before root.


It will bark at you because there is no password. Ignore for the moment. Get ready to copy and paste these commands then hook the router to the internet and pass these 4 commands one at a time.



opkg update

opkg install luci

/etc/init.d/uhttpd start

/etc/init.d/uhttpd enable


Now go to your browser and type


192.168.1.1


and then configure your password. You can type anything in for a password then it will take you to the password change screen where you can change it. Make it a strong password. While you are on the password page set dropbear ssh to LAN as shown below. Then at the bottom of that page (not shown below) click save and apply.






Now go to Network "Wireless" and configure your WiFi





The Wireless Security tab is where you set the password.




Use Force CCMP (AES) as that is most secure




Now you have a $40 router that is a bad mama jamma. Now here is a bad ass trick to deal with something called BufferBloat. Bufferbloat quite simply is this:



Bufferbloat is the undesirable latency that comes from a router or other network equipment buffering too much data.


So this is probably something you didn't even know you suffered from. Why? Because your router is set for the stupidest user like I said before. Not the fastest or most secure user.


So lets put the DIR-860L into Internet Beast Mode.


Go back to your terminal and type


opkg install luci-app-sqm


Now go to System > Startup




Scroll down to "sqm" and click the start button and make sure it is enabled.




Now go to the Network Tab and at the bottom should say SQM-QoS. Click on that.




Now I set mine up according to the screenshots below. Your Mileage May Vary and I may not have it set up perfect but I pass the Bufferbloat tests at DSLReports like a boss. Note that each picture is of each of the three tabs on the page.






Now test at DSLREPORTS Speed Test.



Forty Bucks Folks. Forty bucks. Secure AND FAST.

Router Firmware - LEDE

Well, I bought a new router and that means I've got to exploit it for all it's worth. If you have even an inkling of network security awareness you know by now that home routers are by and large un-secure. Here's a good example of that. Not THREE days ago in the mail I received a shiny, new, refurbished Linksys WRT3200ACM router. State of the art, she is. One of the hottest, fastest, sexiest routers going right at the moment.


Look at what's in the news TWO days ago. Linksys router security story. Great. I had it a whole day and it's a security nightmare.


Think about this. This is the newest, biggest, and baddest router and it is about as secure as your son at Michael Jackson's Neverland Ranch.


Most of us are fairly router un-aware. Content to use the router the cable or satellite company gives you. Or at best buy a cheap router at Walmart then jump for joy when we plug it an and it works. It's usually hidden behind the TV never to be thought of again unless it breaks. Old hardware, running old software, hooked directly to the internet. What could go wrong?


There are some things you can do to mitigate. You can secure your network with a hardware firewall. There are several Open Source solutions for doing that and this isn't the blog for that scenario. However, that being said I run a pfSense appliance as my hardware firewall. It's very geeky to set up and in fact as you configure it you can be TOO restrictive which becomes a pain as well.


To really mitigate, or to at least improve the situation you can take your fancy router and install an Open Source Firmware on it. This essentially is a new operating system for the router. By and large they are Linux based. Because they are Open Source you have a community of people looking at them and patching up holes as they find them.


If you have a fancy new router and use the manufacturers firmware it probably has a fancy box which allows you to auto-update the firmware. And that's great right up to the point where I demonstrated above that the brand new, expensive as all get out router is basically Swiss cheese. With Open Source Firmware you're probably not going to have that fancy auto update box, nor do you want it because sometimes in the bleeding edge world of Firmware stuff breaks.


And if you're going to mess with Open Source Firmware I recommend you have TWO routers around in case one experiences some down time.


Now I haven't painted a very rosy picture here but the reality is that if you run said Open Sourced Firmware you are going to be more secure, have way better performance, and stability and you'll have community support. Try emailing Linksys or Netgear with a problem. You'll get an immediate email letting you know you're alive and then a crap answer 2 days later written by someone that knows less about routers than you do that you'll have to follow up on.


Also with Open Source Firmware you'll have the ability run programs that are not included in most manufacturers firmware. Things like Ad-Blockers, OpenVPN servers, proxy servers, DNSCrypt Proxy, guest networks, use your router for Home Automation.........you name it. I didn't even get close to covering all the bases there.


Here are some firmware choices you can use (provided your hardware is compatible).

OpenWRT - The granddaddy of the Open Source Firmware world. Started in around 2004 for the Linksys WRT54G routers (which is still a huge seller by the way) and sadly now just about a dead duck.


LEDE - Based on OpenWRT. Most of the developers didn't like the direction of OpenWRT and thought it was getting too closed. So they broke off and started their own thing which I just rediscovered.


DD-WRT - probably the firmware with the best name recognition and most popularity. Probably supports a lot more routers than all the other projects put together.


AsusWRT-Merlin - based on AsusWRT stock firmware. This is an amazing firmware but of course limited to Asus hardware and is ported to a few other routers. For example I run AsusWRT-Merlin on my NetGear R7000 Nighthawk router. It's awesome.


Tomato - There are a few forks of Tomato so i won't hot link anything. Shibby Tomato was a favorite of mine in years past but it sadly seems to be a dead duck as well.


Gargoyle - I don't have much experience with Gargoyle but I see it mentioned on the Forums quite a bit.


And of course there are more, probably many more but those are the most common ones.


So I have this shiny new Linksys (which is really Belkin) WRT3200ACM router and my go to firmware is and always has been DD-WRT however because this router uses a Marvel wifi chip and Marvel is NOT Open Sourced so much the wifi drivers on the Linksys WRT routers are usually CRAP for a year or so until the community hackers fix 'em up. For example I have a Linksys WRT1900ACS I got a little more than a year ago. It was a few months before DD-WRT got the drivers right. Now it just plain works, day in and day out, solid as a rock.


But the boys in OpenWRT and LEDE land always seem to compile the drivers in first before DD-WRT so what typically would happen was I'd hear about a new driver and I'd install OpenWRT and play around with a bit and then gravitate to DD-WRT later. Now that LEDE has spun off and I'm running a version of it I'm big time impressed with it. That is provided these wifi drivers hold up.


It's lean, mean, doesn't consume all the RAM and the LEDE developers are playing around with CPU scalability as well. They've really built a fine firmware. Right now the "Stable" branch still has the buggy wifi drivers in it but that will change soon and then I'll deploy this router as my main device.


One of the great tricks LEDE has is that I can change the power setting in the WiFi output. Yep, more power. More coverage. Because I am running behind a hardware firewall all I really need is a router that is:


a) Powerful

b) Stable

c) Fast


I don't require any other widgets. I do all my Ad Blocking, and Firewalling and VPN servers on my hardware firewall appliance. Here's a peek at the interface.



Simplistic. Not a lot of bells and whistles (although there are LEDE builds that have them) I end up getting EXACTLY what I need here. No more, and no less.


ME: Hardware Firewall to LEDE router which is secure


YOU: Cable modem to 5 year old router you've never updated.


Which one of us best stands a chance of not seeing our taxes on The Racheal Maddow Show?


Okay, here's how I did it and bear in mind I'm running a Development snapshot because of those drivers. The "Stable" version you just flash it from your Linksys firmware where you select the file and then flash. LEDE has a graphical interface, viewed in a browser, called LuCI.


The development snapshots don't gotta no LuCI (said in your best Ricky Ricardo voice). If you don't know who Ricky Ricardo or "Lucy" is just please leave now and never try to run Open Sourced Firmware.


Navigate to this page and download this file:

Make sure to get the squashfs-factory image file.



Now flash it from your Linksys firmware updater.


Once you flash it now open a terminal or Putty program and (in Mac OS X) type:


ssh 192.168.1.1 -l root


You may need to adjust your IP address but the initial flash I believe always turns the router into 192.168.1.1


Once you get in it will bark at you for not having a password set. Just press on quickly.


At your terminal prompt run the following 4 commands, one at a time, and yes, you must be hooked to the internet.



opkg update

opkg install luci

/etc/init.d/uhttpd start

/etc/init.d/uhttpd enable


Reboot, and then point your browser to http://192.168.1.1 and Bob's your Uncle.


I think by and large though for a home router that you want wicked stability on you want to only run the stable releases however I'm stuck between a rock and an unstable place because of the Marvel Wifi Driver issue (which will be resolved soon, you'll see). In fact the super geeks are getting much closer to solving this problem. I'd estimate a couple more weeks and it'll be resolved.


Power. Stability. Speed. Reliability. AND SECURITY.

Comments

Router Review - Linksys WRT3200ACM

I need another router like I need a hole in the head or an STD. That being said I stumbled across the router deal of the decade for a refurbished Linksys WRT3200ACM for $119. It's a great deal because retail is roughly double that and it's a brand new state of the art router.


All that being said, it's still a Linksys router and the home router market is just not as secure as you'd like it to be. The goal of the router manufacturer is that the dumbest customer they have open the box, plug it in, and get it working. That's not exactly built with security in mind.


For more details go to this website RouterSecurity.org.


You personally couldn't get me to run a home router directly off of a cable company modem. I run my home network behind a hardwire firewall. You should too. I use a pfSense SG-2220. You don't have to buy an appliance from there to have a pfSense firewall. It is open source software. You can buy an old rack mounted server on eBay for next to nothing with a Pentium Xeon chip and install pfSense which is free. You can use an old computer as well with 2 network cards. Only problem with that scenario is that you want an appliance that sips electricity, rather than gulps it. That's why an appliance with no fans and such is desirable. You can build your own as well with a mini ATX motherboard and CPU with passive heat sink. Throw a stick of RAM in and a hard drive and you're all set. Buying old on eBay is your least expensive route though.


Also I don't run stock firmware on my routers. I use Open Source Firmware which I believe to be more secure, faster, and just a better all around experience. They have plenty of added features that the stock firmware doesn't have. For example you can configure Ad Blockers, or set up a VPN server or client, or make a cool page where users have to log in like you see in hotels and such.


The Linksys WRT3200ACM claims to be OpenSource Ready and while that's kind of true, let me clue you in on something. Linksys is owned by Belkin and while they do support Open Source the Wifi Chips in this router are made by Marvel and their Open Source driver development is ages behind their proprietary drivers. The DD-WRT and OpenWRT forums are rife with problems with wifi right at the moment (APR 2017).


What's that mean for you? It means if you run DD-WRT or OpenWRT right at this moment you're going to likely experience wifi issues. Common problems reported are "IT WORKS AWESOME" then two days later you see "MY WIFI SPEED CHOKED DOWN TO NOTHING AND I HAD TO REBOOT THE ROUTER"


When I bought this routers cousin, the WRT1900ACS which I'm currently running the exact same scenario played out. It was about a year before the wifi drivers were good enough for daily usage. My WRT1900ACS is rock solid stable and has been for some time.


So I'm counting on Marvel to come through so the Open Source Firmware guys can incorporate those new drivers in their builds. So I opted to buy the WRT3200ACM at $119 knowing the problems will be resolved soon (hopefully).


But because I run behind a hardwire firewall it SHOULDN'T be an issue for me to run the Linksys Firmware for a bit until they get it resolved.


My home network is a bit more complicated than most as you can see. It's a conglomeration of hard wired ethernet and 2 wifi Access Points. Clients are not depicted. Thank goodness. The page isn't large enough :)







One of the best key features that no one knows about except super geeks is that there are two boot partitions. What that means is that your router comes with Linksys firmware and if you upgrade to DD-WRT Firmware that in reality BOTH FIRMWARES RESIDE ON YOUR SYSTEM. So let's say you muck up DDWRT real good or even you think you might have bricked the router you can turn it off on the switch on back, then turn it on three times until the lights come on, then turn off again. I think on the 4th boot it will revert to the other boot partition.


Or you telnet into the box and can run the following commands:


ubootenv get boot_part # this returns a number 1 or 2

ubootenv set boot_part 1 # this would set your partition to 1, change it to 2 for 2

ubootenv get boot_part # check it to make sure

reboot # restart to the partition you want to boot into.


One thing you don't want to do is update DDWRT from DDWRT because then it resides on both partitions. ONLY INSTALL OR UPDATE DDWRT FROM THE LINKSYS FIRMWARE. There is no DDWRT to Factory Firmware .............yet. The WRT1900ACS has one but the WRT3200ACM does not have a revert file yet.


It's not impossible to get it back but you end up using a TTL to serial converter and cracking open the router case. Not something you really want to do.


Anyway the WRT3200ACM came with the latest firmware (and oh by the way today Linksys announced there were 10 exploits that are unpatched found in their firmware)


The Linksys Stock Firmware is adequate and even has an OpenVPN setup in it which is quite easy. I found that things like Dynamic DNS are hidden or at the least not very intuitive to find. Whatever happened to the left hand link called "ADMINISTRATION"?




It isn't tremendously attractive but I managed to install a variant of OpenWRT firmware called LEDE. Great Open Source Project, very, very powerful firmware but not for the faint of heart. It's fairly geeky. But I'd say it's fairly secure as well. Power and geekiness doesn't always equal polished.





Comments

How to Make Your Own VPN Server

So the ISP's are selling your web history, and you never should trust the wifi network at the hotel, the restaurant, or the coffee shop. What's a soul to do? Get a Virtual Private Network (VPN).


Nowadays your fairly new router should have the ability to set up a VPN but you lack some control over configuration and security. It's really a piece of cake now to install a VPN server on a Raspberry Pi computer ($35) and leave it on 24/7. There is a program called PiVPN that makes it almost too easy to do.

What you need to pull this off is:


- Raspberry Pi 3 (recommended) Get the one I linked because it has a good 2.5 amp power supply with it for $41 total. Heck the Pi itself costs $35 to $40 usually.

- Micro SD card I like San Disk, and about 8GB is plenty good for this project. The card I linked is $10. You can get them cheaper than this especially if you get a Class 4 card. I personally run San Disk Class 10 cards in all my Pi's.

- Ethernet cable. (optional) I recommended running the Pi right off your router via ethernet. It'll be faster. The Pi 3 has on board wifi though so it isn't a must.


Now you have the hardware. Lets download the software. First you need the OS and we'll use Raspbian. There is a Raspbian and a Raspbian Lite. Either one will work. Technically the Lite version is enough to pull this off but I like to run the full Rasbian because you can VNC into it graphically and control the Pi from afar from its desktop interface. Download one or the other from here.


Rasbian and Raspberry Pi are nothing to be scared of. If you plugged Raspbian into your monitor, keyboard, and mouse, it looks just like any other Operating System. It's lean, mean and very intuitive. Click the little Raspberry in the top left corner and it's set up like a windows type desktop.




Now download Etcher. Once Etcher is downloaded put your micro SD card in your computer, point it towards your downloaded file and click the FLASH button. It's that easy.





Now this is kind of a sticking point. Because we are going to be running this Pi headless, which means without monitor, keyboard, or mouse we have to access it from the command line from another computer. Since November of last year Raspbian has disabled Secure Shell (SSH) from being enabled as default on a fresh install. You have to enable it. Two ways to do that. One is to hook up a monitor, keyboard, and mouse and open Raspi-Config put your SD card in and boot up. Once at the desktop you can open Raspi-Config. You can open it from terminal by typing:


sudo raspi-config


Select Number 5



Then number 2




Then "yes"



Okay, that's kind of a pain. (I'm doing this from a Mac, so it only works on a Mac. Google up your OS directions if you have something else).


While the SD card is still in after you run Etcher, open a terminal and type:


cd /Volumes


then


cd boot


then


touch ssh


Then place the SD card in the Raspberry Pi and boot it up.


To SSH into your Pi from a terminal type


ssh 192.168.x.xx -l pi (where x.xx is the IP address of your Pi) (i.e. ssh 192.168.1.2 -l pi)

password = raspberry


Change the password once you boot up for the first time by going to Raspi-Config and selecting number 1.


Now go to a terminal and type:


curl -L https://install.pivpn.io | bash


Then follow along with the directions here. The directions are slightly outdated but the newer installation flow is much more intuitive. It probably takes 30 mins or so to complete. The lengthy part of the process is the generation of encryption keys. Everything else goes fast.


Once that is done use an SFTP client such as FileZilla to move your client certificates to your computer or tablet, or phone for installation. (All that is also covered in the directions).


Here's one thing I noticed though. The configuration file it generates DOES NOT route all traffic through the VPN and by golly that's what I want.


From a mac computer you can import your ovpn

file into a program called Viscosity. Once you tell Mac you want to open that .ovpn file with Viscosity it will import it then you can easily make it route all traffic through the VPN by doing this. I named my test file "VPNatMoms". Highlight and Click "Edit".




Now go to Networking Tab and click the radio button to route all traffic through the VPN. Then hit Save.




That works great for Viscosity, but if you want to ensure you route all traffic over the VPN on your IOS device it's not that easy. Back to Viscosity:


Highlight your connection then click "Export Connection" Save it wherever you want.


MAKE SURE THAT YOU CLICK TO ROUTE ALL TRAFFIC THROUGH THE VPN ON EVERY PROFILE YOU NEED TO DO THIS BEFORE YOU DO THE NEXT STEPS!




Now you can right click on the file and "Show Package Contents"



There will be a file called config.visc


Change it to whatever you want dot ovpn (i.e. john.ovpn)



Now make sure you have the OpenVPN app on your IOS device. Now hook your phone or tablet to your Mac and open iTunes to sync. Now go to the OpenVPN app under File Sharing on the "Apps" page which will give you a box called "OpenVPN Documents" to allow you to drag those 5 files into and then sync your phone or iPad. It's kind of weird because when you click on Apps in the left hand pane it kind of looks like a complete page, but you can scroll down to find the File Sharing section. It's a real head scratcher for sure. HIDDEN.




Now you should be able to open the OpenVPN app and connect. You'll have to add your password first time.


There's another way to do it but it's fairly geeky. Install a program called ruby on your mac. From a terminal type:


brew install ruby


Once installed click the "Download Zip" button from this page. Once unzipped the file will be called viscosity-to-ios-connect.rb. Open it with Text Editor. Find the 8th line of text and do this:


change line 8 from: File.read(file).each do |line| to File.read(file).each_line do |line|




config_files = Dir.glob("#{ENV['HOME']}/Library/Application Support/Viscosity/OpenVPN/*/config.conf")

config_files.each do |file|

  certificate_files = ['ca', 'cert', 'key', 'tls-auth']

  config_dir        = File.dirname(file)

  connection_name   = nil

  new_config        = []




  File.read(file).each_line do |line|

    line.strip!




    if line.start_with?('#viscosity name')

      connection_name = line.match(/^#viscosity name (.*)/)[1]

      next

    end




    next if line.start_with?('#')

    (key, value) = line.split(/\s+/, 2)




    if certificate_files.include?(key)

      # Special case for tls-auth which is "key direction"

      if key == 'tls-auth'

        # add direction to config

        (value, direction) = value.split(/\s+/)

        new_config << "key-direction #{direction}" unless direction.nil?

      end




      certificate = File.read("#{config_dir}/#{value}")

      new_config  << "<#{key}>"

      new_config  << certificate

      new_config  << "</#{key}>"

      next

    end

    new_config << line

  end

  raise "Unable to find connection name in #{file}. Aborting." if connection_name.nil?

  new_config.unshift("# OpenVPN Config for #{connection_name}")

  out_file = "#{connection_name}.ovpn"

  File.open(out_file, 'w') { |f| f.write(new_config.join("\n") + "\n") }

  puts "wrote #{out_file}"

end




Save the file.


Now go back to the terminal, make sure you are in the same directory that file is and type:


ruby viscosity-to-ios-connect.rb


It will take every Viscosity profile and change it to an OpenVPN profile. You can email it to yourself then just click on it in your iPad to import it. Note that I have 6 profiles for OpenVPN. Your mileage may vary.




Now the profiles you install in OpenVPN will ROUTE ALL TRAFFIC THROUGH THE VPN. Safety, Security. Ahhhhhhhhh.


They seem to have left out on vital detail. What happens if you don't have a static IP address and your ISP routinely changes your address? During configuration they have you select between IP address and DNS address (which I chose DNS address and configured it to hagensiekerj.duckdns.org) And I thought that was cool but then I realized THERE IS NO TOKEN ADDED TO ACTUALLY CHANGE THE ADDRESS. It won't actually update the address.


So ......... go to DuckDNS.org and make a domain and click on "Add Domain". It will give you a token (which I have redacted in the photo below) Your domain can be anything, your name, your dogs name, nonsense letters.......anything. I made hagensiekerj




Now click the install tab on the DuckDNS toolbar, click on "Pi" and choose your domain from the dropdown box




That will give you a directions page to follow to install a script file which checks your IP address every 5 minutes and changes it as necessary.



I noticed some problems here so I'm going to lend a little advice. The script only ran if I ran it as super user. Go to the line that says "vi duck.sh" and instead type


sudo nano duck.sh


And because of the way the script is run and the permissions it wants to write the log file to the root owner. So on the second line of the script where it says


~/duckdns/duck.log


change that by removing the ~ to this:


/home/pi/duckdns/duck.log


Now click the Control Key plus the X key, then the Y key to accept and Enter to save.


Now you need to sudo the ownership command below:


sudo chmod 700 duck.sh


Then sudo the crontab -e command below as well.


sudo crontab -e


add this to the last line


*/5 * * * * /home/pi/duckdns/duck.sh >/dev/null 2>&1



Now click the Control Key plus the X key, then the Y key to accept and Enter to save.


Now when you run the command


cat duck.log


It should return OK but it showed in a bizarre place in my terminal.




If it says "KO" you suck. Try again.


Now when your computer boots it will check it's DDNS address every 5 minutes and update as required. So in the worst case scenario it could be down for 5 minutes if your ISP changes your address.


You is a steely eyed missile man.

MQTT PIR Motion Sensor with ESP8266 Feather Huzzah in Home Assistant

Because Motion Sensors for Home Automation cost so much money I decided to build one of my own from the prodigious spare parts box in Castle Hagensieker.


BOM



Adafruit Feather Huzzah - $16.95 plus shipping. I chose this because, a) I had one, and b) it has a battery attachment point.


Adafruit PIR Sensor - $9.95


Micro USB charger - You have one already don't you from an old cell phone?


Bear in mind you do NOT need these exact parts. You can go to eBay and buy the cheapest, from China, ESP8266 and PIR module and they will work fine.


Time to wire it up. Quite simple. One gotcha. Feather Huzzah is 3.3v and PIR module generally requires 5v. In my case I didn't need to modify anything but there is a voltage regulator on the PIR module. You tack solder a wire on it and use it instead of the red wire depicted below. I don't think you need it, but if you do you'll have to Google it. There are a dozen or more pages that show you how to do it. Mine just works.


PIR 5v to Feather Huzzah 3v = red

PIR GND to Feather Huzzah GND = black

PIR Signal to Feather Huzzah GPIO12 = yellow





Okay I'm assuming if you have an ESP8266 and Arduino you know how to set it up and ensure you have the proper libraries. If not read and follow this article. I could write the steps but they did it better.


Now make sure you have the following libraries installed:


ESP8266WiFi.h

Adafruit_MQTT.h

Adafruit_MQTT_Client.h"


Use this sketch making sure to fill out your wifi, and MQTT credentials.


/*
 Basic ESP8266 MQTT PIR sketch


*/


#include <ESP8266WiFi.h>
#include "Adafruit_MQTT.h"
#include "Adafruit_MQTT_Client.h"


// Update these with values suitable for your network.


/************************* WiFi Access Point *********************************/


#define WLAN_SSID       "yourwifi"           // Wi-Fi network name
#define WLAN_PASS       "your password"           // Wi-Fi password


/**************************** MQTT Broker ************************************/


#define AIO_SERVER      "192.168.XX.XX"  // MQTT broker IP
#define AIO_SERVERPORT  1883             // MQTT broker port
#define AIO_USERNAME    "user"           // MQTT username
#define AIO_KEY         "pass"           // MQTT password
#define AIO_CID         "ESP-PIR-01"     // MQTT client ID




// Start a counter for serial logging and set the initial value to no motion 
int counter = 0;
int previousReading = LOW;


WiFiClient client;
// Setup the MQTT client class by passing in the WiFi client and MQTT server and login details.
Adafruit_MQTT_Client mqtt(&client, AIO_SERVER, AIO_SERVERPORT, AIO_USERNAME, AIO_KEY, AIO_CID);


// Setup publish feeds - define topic name in parenthesis 
Adafruit_MQTT_Publish status  = Adafruit_MQTT_Publish(&mqtt, AIO_CID "/feeds/motion");
Adafruit_MQTT_Publish motion_topic  = Adafruit_MQTT_Publish(&mqtt, AIO_CID "/feeds/motion");


long lastMsg = 0;
char msg[50];
int value = 0;


/////////////////////////////
//VARS
//the time we give the sensor to calibrate (10-60 secs according to the datasheet)
int calibrationTime = 15;        


//the time when the sensor outputs a low impulse
long unsigned int lowIn;         


//the amount of milliseconds the sensor has to be low 
//before we assume all motion has stopped
long unsigned int pause = 5000;  


boolean lockLow = true;
boolean takeLowTime;  


int pirPin = 12;    // the digital pin connected to the PIR sensor's output
int ledPin = 16;    // the digital pin connected to built-in LED




void MQTT_connect();


void setup_wifi() {


  delay(10);
  // We start by connecting to a WiFi network
  Serial.println();
  Serial.print("Connecting to ");
  Serial.println(WLAN_SSID);


  WiFi.begin(WLAN_SSID, WLAN_PASS);
  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }


  Serial.println("");
  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());
}


  // Setup a MQTT subscription
void callback(char* topic, byte* payload, unsigned int length) {
  Serial.print("Message arrived [");
  Serial.print(topic);
  Serial.print("] ");
  for (int i = 0; i < length; i++) {
    Serial.print((char)payload[i]);
  }
  Serial.println();


  // Switch on the LED if an 1 was received as first character
  if ((char)payload[0] == '1') {
    digitalWrite(BUILTIN_LED, HIGH);   // Turn the LED on (Note that LOW is the voltage level
    // but actually the LED is on; this is because
    // it is active low on the ESP-01)
  } else {
    digitalWrite(BUILTIN_LED, LOW);  // Turn the LED off by making the voltage HIGH
  }


}


void MQTT_connect() {
  int8_t ret;


  // Stop if already connected.
  if (mqtt.connected()) {
    return;
  }


  Serial.print("Connecting to MQTT... ");


  uint8_t retries = 3;
  while ((ret = mqtt.connect()) != 0) { // connect will return 0 for connected
       Serial.println(mqtt.connectErrorString(ret));
       Serial.println("Retrying MQTT connection in 5 seconds...");
       mqtt.disconnect();
       delay(5000);  // wait 5 seconds
       retries--;
       if (retries == 0) {
         // basically die and wait for WDT to reset me
         while (1);
       }
  }
  Serial.println("MQTT Connected!");
  status.publish("online");
}


void setup() {
  pinMode(BUILTIN_LED, OUTPUT);     // Initialize the BUILTIN_LED pin as an output
  Serial.begin(115200);
  setup_wifi();
  pinMode(pirPin, INPUT);
  pinMode(ledPin, OUTPUT);
  digitalWrite(pirPin, HIGH);


  //give the sensor some time to calibrate
  Serial.print("calibrating sensor ");
    for(int i = 0; i < calibrationTime; i++){
      Serial.print(".");
      delay(500);
      }
  Serial.println(" done");
  Serial.println("SENSOR ACTIVE");
  delay(50);




}


void loop() {
  // Ensure the connection to the MQTT server is alive (this will make the first
  // connection and automatically reconnect when disconnected).  See the MQTT_connect
  // function definition further below.
  MQTT_connect();


     if(digitalRead(pirPin) == HIGH){
       digitalWrite(ledPin, LOW);   //the led visualizes the sensors output pin state
       if(lockLow){  
         motion_topic.publish("ON");  
         //makes sure we wait for a transition to LOW before any further output is made:
         lockLow = false;            
         Serial.println("---");
         Serial.print("motion detected at ");
         Serial.print(millis()/1000);
         Serial.println(" sec"); 
         delay(50);
         }         
         takeLowTime = true;
       }


     if(digitalRead(pirPin) == LOW){       
       digitalWrite(ledPin, HIGH);  //the led visualizes the sensors output pin state


       if(takeLowTime){
        lowIn = millis();          //save the time of the transition from high to LOW
        takeLowTime = false;       //make sure this is only done at the start of a LOW phase
        }
       //if the sensor is low for more than the given pause, 
       //we assume that no more motion is going to happen
       if(!lockLow && millis() - lowIn > pause){  
           motion_topic.publish("OFF");  
           //makes sure this block of code is only executed again after 
           //a new motion sequence has been detected
           lockLow = true;                        
           Serial.print("motion ended at ");      //output
           Serial.print((millis() - pause)/1000);
           Serial.println(" sec");
           delay(50);
           }
       }


}


Now hook up the Feather Huzzah and ensure you select the correct board and port. Then click the upload button which is the right arrow looking one.



Getting close. Once the uploads completes it will connect to your MQTT server and publish the topic "ESP-PIR-01/feeds/motion" You can then use an MQTT client, (I use MQTT.fx) to see if the sensor is reading ON and OFF



If it triggers on and off with motion then you're ready to configure Home Assistant as a binary sensor. Add this to your configuration.yaml file under binary_sensor:


- platform: mqtt

state_topic: "ESP-PIR-01/feeds/motion"

name: PIR Sensor

payload_on: "ON"

payload_off: "OFF"

qos: 0

device_class: motion


Once you restart Home Assistant it should show up as a binary sensor and indicate ON or OFF. Note that my PIR Sensor is the last one on top on the right.






Now that the binary sensor is installed and reads the motion state you can use it to trigger events in automation. For example this is going on the Back Porch. A motion trigger turns on the back porch light (which is actually a Z-Wave GE switch on the inside of the home). The following automations allow for this. And automation 7 stops the lights from coming on during daylight hours. Pretty smart, huh?


automation 7:

  alias: Back Porch Light On

  trigger:

    - platform: state

      entity_id: binary_sensor.pir_sensor

      to: 'on'

  condition:

    condition: and

    conditions:

      - condition: state

        entity_id: binary_sensor.pir_sensor

        state: 'on'

      - condition: time

        after: '19:00:00'

        before: '07:00:00'

        weekday:

          - mon

          - tue

          - wed

          - thu

          - fri

          - sat

          - sun

  action:

    - service: switch.turn_on

      data:

        entity_id: switch.ge_12722_onoff_relay_switch_switch_8_0

automation 8:

  alias: Back Porch Light Off

  trigger:

    - platform: state

      entity_id: binary_sensor.pir_sensor

      to: 'off'

      for:

        minutes: 1

  action:

    - service: switch.turn_off

      data:

        entity_id: switch.ge_12722_onoff_relay_switch_switch_8_0


Enjoy.

Printing on Eggs and Shit.

So I've got a couple 3D printers and a vinyl sign machine and I'm always looking at related forums and reading the industry magazines. One day on Thingverse.com I stumble across the Sphere-O-Bot which shows a 3D printed frame with a couple of NEMA 17 motors and an arduino. And I think "I have to make that". Forget that I have absolutely no reason to print on eggs or ping-pong balls but just as a man climbs Everest because it is there so it is with me.


There is a kit from a place called J-Robots or you can source the parts yourself. The software is open source. The thing is that an Arduino Leanardo, a Brainboard, and two stepper motors and drivers will set you back over $60 maybe more with shipping. Then you need the hardware and the other related stuff. Might as well get the kit.


However, I'll say this up front. IF PRINTING ON EGGS IS SOMEHOW IMPORTANT TO YOU......... buy a bigger kit. This barely and I mean barely holds a Large egg. In fact some of the eggs I have won't fit. I always buy the largest ones in the store. There are bigger kits out there. Same stuff, just it holds bigger items.


Here's another gotcha. I could not for the life of me get the Arduino software to load or the Inkscape plug in to work on Mac Sierra. Everything works perfectly on Linux Debian. I can't speak for Windows but Mac wasn't working right.


Another caveat is that when I was looking at the J-Robots kit they didn't have the 3D printed parts available. No problem, for me BUT the frame takes about 13 hours to print. But it looks mighty nice when it's all said and done. If you print this frame you won't need to print with supports. Brilliant. Get the rest of the parts here, except for the frame of course.




The other parts can be zipped off in an hour or so. Here's what it looks like assembled with the help of my poodle model.



Assembly is pretty easy but forcing the suction cup on the left side into the fitting was no fun. Follow the software installation instructions here. For me it was literally just unzipping some files to my extension folder for inkscape from here. For mac and windows there is an installer but again it didn't work for me under Mac Sierra.


Setup is a little un-intuitive but if you've successfully built it you'll figure the rest out quick enough. I screwed up only a couple of eggs before I got great prints. So there is a learning curve but not a big one.


Here's a video of me printing over some screw ups with a geometric pattern.




And finally here is a video showing the whole device in operation.




I have a few things to figure out still. I can easily see where tinkering with positioning, pen height, different types of pens, etc. will make a huge difference in quality.


So until I figure out what to do with this thing I do know a few people with little kids and Easter is coming up! Okay, okay, I wasted a hundred dollars. Sue me.





Original Prusa i3 Mk 2 - 3D Printer Review

I started 3D printing about a year or so ago with an inexpensive Prusa i3 3D kit from RepRapGuru. Wow the price went up some! It was like $280 and sold on Amazon and I remember seeing the same kit sold on eBay from the same person with a "Make An Offer". I think I offered $250 or something and they took it. Anyway the kit was pretty great and after using it a month or two I got upgrade-itis and rebuilt it with a new extruder and new lead screws, and added belt tensioners and good bearings for the belts to ride on. And I put overpriced Japanese bearings in it. It's really a great printer now but as with all things technology moves on. Prusa i3 kits now use PINDA probes for exacting nozzle positioning and mesh bed leveling which means even if your build surface is not perfectly flat or straight that the software (firmware) will compensate for it. This adds a huge quality increase, a speed increase if you are so inclined, and the printer in general prints about 31% larger objects. Of note there were a few things I wanted to print that wouldn't quite fit on the old printer.


Of note is the fact that my first kit was called a "Prusa"........that stands for Josef Prusa who now is in business and makes and sells the new Original Prusa i3 Mk2. Here's the best part. Make Magazine gave it the BEST OVERALL and BEST VALUE award for 2017. Think about that. Best printer at the best cost. You can read their review here. Also there is a guy named "Tom" on the internet that does the best YouTube videos for 3D printing there is. Don't mess with Tom. This video alone sold me.



Okay so Josef Prosa has his own company and makes the best printer at the best price. You can buy the kit for $700 or a fully assembled one for $900. I opted for the kit. And because it comes from overseas expect to pay $80 or so for shipping. Also there is such demand for the kits the lead time is 7 weeks!. While that sucks in this day and age of "I want it now" it speaks volumes for the kit in my opinion.


When the box showed up it was WAY smaller than I imagined. It is very well packed and very intelligently packed. The parts and hardware are in well labelled zip lock bags which correspond to the steps in the manual. I found no deficiencies in the packaging. Also they give you a bag full of spare hardware AND the tools to build the kit with. They literally thought of everything. I promise you the bag of spare hardware was added by someone who builds them for a living who drops screws and nuts behind the workbench. What an incredible touch. Spare hardware.


Electronics and motors and such are boxed wonderfully and safely as well. Parts that hook up to the electronics board that are similar and which could be potentially plugged into the wrong place are intelligently and distinctively marked in a couple of different manners. Really smart.


The build quality of the 3D printed construction parts in the Prusa i3 Mk2 kit is amazing.


When I built my first RepRap kit the build quality of the printed parts was "meh". I literally had to zip tie the X axis ends together so I could print new ones to rebuild it with. But such is the life of a 3D printer geek. Anyway the parts in the Prusa kit are perfectly printed. Another thing I enjoy about this kit is that although it is an advanced printing platform the end user building the kit doesn't have to dive deep into the extruder calibration. All that has already been figured out and preprogrammed. When I built my first RepRap kit I had to measure extrusion levels, do math, change values in the firmware to make sure the proper extrusion rate was happening. Not so with the Mk 2 kit. So while it a highly evolved Prusa i3 the end user just has to put it together.


It took me about 3 short sessions to build the kit but remember, I've built and then rebuilt a 3D printer before. I would guess it took me 5 hours or so to construct the whole thing. Basically as soon as it was built and I ran the first calibration it passed successfully and I was able to immediately start printing. The secret to that success is to ensure the Y axis frame is built perfectly and is square and the bed frame tracks perfectly. If the Y axis is built crooked you are doomed, doomed, doomed to have problems. Take the time and do it right and it will calibrate on the first go around.


Build quality of the kit is amazing. It is sturdy and the cable wraps make for a neat installation profile with great cable management. Here's a pic without the electronics and heated bed.



Now here is a pic of the completed, and working printer.



To make sure I was up to snuff I decided to print the dragon that is used in their promotional pictures and is shown on their web site. Kind of a rite of passage thing. Also the Dragon model (Adalinda, included on the SD card) takes about 7 hours and change to print and is pretty complex. I figure if my first print is a 7 hour complex model and it works then I can declare the build a success.


Nailed it!



Finally I gained another capability that I didn't easily possess on my RepRap kit. The ability to do 2 (or more) color prints. The picture below is also included on the supplied SD card.



Now, to make sure this wasn't some fluke I decided to try this on another model to make sure I could do this to anything I wanted to do it to. You have to modify the gcode to tell the printer when to stop. Prusa has added easy instructions and a gcode tool on their website to do this. The page even includes a great video that explains the process. Here's my stab at it.



As someone who has built a printer before and then rebuilt it and pushed it to the limits I can tell you that the Original Prusa i3 Mk2 kit raises the bar for 3D printers. The fact that it comes in an inexpensive kit form is like icing on the cake. They also have great software support and even have a customized version of Slic3r, the slicing software that generates the gcode used in printing.


Of note: Once I built my printer sure enough there was a firmware update and sure enough the firmware wouldn't load in Mac Sierra. And then equally sure enough on their support pages it seems there is a special firmware loader for Mac Sierra. Now it works great!. You can find a link to it on this forum page. Other than that there were only a couple steps where I scratched my head in the manual however the on-line assembly manual here has a place for builders to add comments which is ANOTHER STROKE OF GENIUS. All my head scratching questions were contained within the answers. Take the time to read the comments unless of course the directions are crystal clear, and most of the time they are.


Order one of these printers today. Best thing going. Thanks Josef Prusa!


And here I am in action and still using my first 3D printer as well. It's still viable just not as great as the Mk2.













Home Automation Hardware

So you've decided to automate your home some, huh? But don't know much about it, huh? Seems you go to Walmart or Home Depot or Best Buy and the store areas of smart home components is getting bigger and bigger and everything looks SOOOO cool, but alas, it isn't and it doesn't all play together nicely. There are so many different standards and none seems to have prevailed yet. Here are some of the popular ones.

- ZWave

- Zigbee

- WiFi

- Bluetooth


There are others but lets just start with these. So you decided to take the plunge and buy a smart bulb. Seems the logical place to start. Then you get it home and realize the light bulb that cost you grocery money for the week WON'T WORK WITHOUT A CONTROLLER OR HUB. You look at the box and there it is in small print. Then you find out the hub is expensive and somewhat proprietary to the bulb. Then you buy another device and figure out it needs a hub too!.


But you're lucky. You got a wifi bulb which works from an app. Then you get another wifi device which works from an app. Then you realize the bulb must be in the on position all the time and YOU CAN ONLY CONTROL IT FROM THE APP. You went into the dark bathroom and your phone is in the other room and then you realize you didn't think this out as well as you should have.


So I guess what I'm saying is you need a plan BEFORE you embark on throwing a sea of money at making your home smarter. You need to know the conditions that are acceptable to you before you start buying expensive items.


There are hubs out there that control various protocols. I bought the Wink Hub 2 which seemingly does them all but I found it to have some latency issues. Also you have no control over getting deep inside the component and tweaking it's hidden settings. Wink is for simplification and not for a mythical power user like myself. Also I bought some Osram Lightify light bulbs which are Zigbee protocol and worked with Wink Hub 2. If I turned power out or something it seems I had to reconfigure the bulbs or maybe the distance from the bulb was just too far from the hub. At any rate it wasn't working well in my setup so I decided to get and stick with Z-Wave components. Not a fan of Zigbee and wifi seems so hackable. Nobody is going to run around and hack your Z Wave stuff (I don't think).


So I bought a few items and managed to get them to play nicely around an Open Source project called Home Assistant. Keeps you from using a dozen smart phone apps however the one and only controller I use is a Z-Wave protocol. It is the Aeotec 5th Generation USB stick.


AEOTEC 5th Generation USB Stick


Small, simple, and easy to program. More on that later.


I already touched on my first big home automation discovery.........The app controlled light bulb. When I wake up I just want to switch the lamp next to the bed on, not find the phone, find the app, etc. I very quickly came to the conclusion that wall switches that also work manually are most suited for normal home operation. Well, now I need to make sure my switches are either Z-Wave or Wifi. Were I to get a Zigbee protocol switch I'd need to buy another hub. Been there. Done that.

So I settled for GE Wall Switches 12722


GE Z-Wave Wall Switch


This allows me to use my program Home Assistant or the switch itself. Best thing is these switches can be wired up as three way switches. That is where you have 2 switches controlling one light. Like at the top and bottom of the stairs. BUT, you are tied to using ONLY the GE Add on Switch. The switch works great but I learned that the add on switch doesn't have a Z-Wave controller so that if you push it your Home Automation software won't report the change until it polls the light and sees that it is off. Polling is typically done every 30 seconds on Z-Wave. If you are obsessive compulsive and can't wait a few seconds for the switch state to change in your software the GE Add on switch is not for you. I'm told the HomeSeer line of switches add on switches report state. (Don't hold me to that). Me, personally, I can wait 30 seconds for the slider to slide over. It only bothers you when you're setting this all up or showing it off. In real world applications you turn the light on or off and then don't run to the computer to see what happened. Trust me, this is good enough.


So I have multiple Z-Wave switches in the house and just for fun I bought a Wemo Wifi Switch to put in the guest room.


WeMo Wall Switch


It works great but this switch is NOT a three way switch. Again you have to plan accordingly.


Now there is a place for smart light bulbs...........I use them in lights that I want to control to make it look like someone is home at night or at least awake. You know the light I'm talking about, the decorative one you never actually use in the living room. Or the front porch lamp that you realize you forgot to turn on AFTER you got all comfortable in bed. No more, I say to you. No more.


Not only can you control these lights from Home Assistant, you can automate them to come on at sunset and turn off at sunrise. I've done this with all my outside lights and some inside ones. They come on when the sun goes down and I never have to worry about it again.


So here's my current rough set up. Sensors across the top. Several for my Ring Pro doorbell, and Nest Thermostat. On the top left I have several hacked WiFi outlets I bought at Walmart. These use machine to machine protocol (MQTT) which I haven't discussed yet. These control the lamps in my house that I never actually turn on. Now I can give the dog light when I'm gone or make it look like someone is moving around inside. Also I have some relays which also run via MQTT or aRest platform. Right now these are experiments but I intend to deploy these as garage door openers and maybe yard sprinklers. As you can see I have 4 GE Z Wave switches and the one WeMo wifi switch. The automation set up shows for turning the lights on and off with sunrise and sunset and then also my LIFX lights and GE Z Wave bulb (Walmart $19) is in the garage. I'm going to tie this one into a motion sensor. I'll make it so the motion sensor only works from say 5PM to 7 AM to save a nickel or two a year. Also I can control my NEST thermostat from the Climate Section.






In another cool discovery I found I can add a web links section. Mine is titled LogitechMediaServers and these are links to my music servers.



Here's the media server. i think it's pretty cool I tied it to the Home Assistant program. Also, think about it, you could tie any other web app to this as well.



So I have multiple devices............and I've decided that the truly smart home is somewhat centered around smart wall switches and smart outlets. i prefer Z Wave and I prefer the smaller USB stick controller to the big gigantic hub. Also the Z Wave controller is LOCAL and most of the hubs are CLOUD. Yuck!

Wifi lamps such as LIFX are preferable to me than Phillips Hue which requires a hardware bridge.


For simple VOICE control you can get an Amazon Echo Dot and say "Alexa, Discover Devices". And then you can say "Alexa, Turn on Garage Light" or in the case of my garage light it is a GE dimmer bulb I can also say "Alexa, Turn on Garage Light to 50%". It is ONLY simple control if you keep Alexa local. If you chose to you can create Alexa actions but it is VERY GEEKY and you must open your Home Assistant instance up to the internet. Currently my Home Assistant instance is behind a firewall and is not accessible from the internet. And I know what you're thinking............"What good is that when you're gone?"


My answer to that is that I have a Virtual Private Network (VPN) that I can connect to and then I have full local control. In my mind it makes it a little more secure.


I have a smart lock and I guess I should have gotten a Z wave lock (yep, they make 'em) but I opted for bluetooth. I really like that I can have my phone or a FOB on my keychain and just TOUCH THE LOCK to unlock the door. To me that is better than clicking a slider in a web page or app. So again, every smart appliance needs to be thought out before you buy it. Yeah it would have been cool to control the lock from Home Assistant, but why? if someone is coming over I trust I can email them an encrypted access key. No more hiding keys.


My only regret is that I bought exterior security cams before I got interested in smart home stuff. My cameras, at least now, don't play nicely with this stuff. It's regrettable but hardly the end of the world. I love my camera system and it also was a very well thought out and contrived purchase. It suits my needs perfectly, I just can't view the cameras in the Home Assistant interface. This is NOT that important to me.


I guess the moral to the story is that NO MATTER, no ONE SINGULAR SOFTWARE OR HARDWARE PLATFORM WILL SUIT YOUR ENTIRE NEEDS. For now it is a mishmash of consumer products with no standard set in place.

Home Automation

Well, I don't know much about Home Automation, but I'm learning, and I like it. This journey started out with one goal in mind. To turn a single solitary light online from the internet in my front window to make the house look occupied when I'm on travel.


So I started an EcoPlug project and figured out how to set up a machine to machine protocol server (Mosquitto) and then thought......"Well, since I've got this server.........".


One Ecoplug turned into four, and then I learned to control mechanical relays with ESP8266 Internet of Things (IoT) chips. Then I bought a wifi LIFX colored lamp and then I bought two Orsam Lightify wifi lamps. Then I found out that the Lightify lamps wouldn't work because they used something called Zigbee which is a mesh network that hooks devices together. Then I found out there is another standard called Z Wave. Then I found out they sell hubs that do both among other standards. One such hub that I bought is the Wink Hub 2.


Now with all this I can add motion sensors, door sensors, more lights, cameras, you name it.


So now as you can imagine, I have several devices from several companies and several different apps to control them. Once again there is a program called Home Assistant that lets you tie it all together on a single control portal. Here's mine as it stands right this moment:



As you can see I can control my plugs, My lights, my relays and even my Nest Thermostat. As an added bonus it pulls in Plex Media Server, Chromecast, and my music servers (logitechmediaserver) as well.


Then you can take your devices and set automation up. For example my outside light and living room light are set to come on 30 minutes prior to sunset and turn off just before sunrise. (I need to tweak that a little). If you group your devices, as I have done here you can turn them all on at once or individually. Home Assistant also gives you the ability to add custom icons and custom names so now I know exactly what switch I'm controlling when I flip the switch. Just by adding some automation commands I can turn on outside lights at sunset and turn them back off at sunrise. I just worked through the first night of it and I'm positively giddy that it worked.


#Automation

automation:

  alias: Turn on lights when sun sets

  initial_state: True

  hide_entity: False

  trigger:

    platform: sun

    event: sunset

    offset: "-00:05:00"

  action:

    - service: light.turn_on

      entity_id: light.front_porch

    - service: light.turn_on

      entity_id: light.living_room_lamp




automation 2:

  alias: Turn off lights when sun rises

  initial_state: True

  hide_entity: False

  trigger:

    platform: sun

    event: sunrise

    offset: "-00:30:00"

  action:

    - service: light.turn_off

      entity_id: light.front_porch

    - service: light.turn_off

      entity_id: light.living_room_lamp




Home Assistant is kind of odd in that in the days of drag and drop you have to hand code a yaml file. And while it looks like computer code, you don't really need coding skills as the Home Assistant web site provides excellent tutorials for each device you can hook up and their forums are extremely helpful. Trust me, I've been on plenty of unhelpful forums and Home Assistant is great. Even asking the newbie questions, someone will help you and help you to completion of the task.


I'm just scratching the surface here and there are some Home Assistant gurus out there who would make your head spin with their impressive feats of automation with motors, servos, switches, lights, relays, cameras, cell phones, etc. In my mind it's a bit much but remember this is coming from the guy who only wanted to control one light previously.


By the way check out the level of control you have with the LIFX lights. You can control brightness and select from one of about a billion colors or even pick themes. I love this LIFX light. I love it a lot. However for $60 it should love me back.



Here's the problem as I see it though. Lack of standardization. I have plugs that run on machine to machine protocol and are wifi. There are wifi lights. There are wifi lights that need Zigbee protocol, there are devices that use Z wave. There is bluetooth, and IR remotes. Having a hub is almost a necessity as it allows you to not lock into one particular standard which can limit you.


And while the hub allows you access to all the standards and a larger variety of hardware..........good old hooking a wifi outlet up to lamp using machine to machine protocol (MQTT) allows for the fastest operation and response from Home Assistant. Having Z Wave and a hub creates latency between the device, hub, and Home Assistant. Having the device app open also seems to introduce weirdness into the mix at times. My Zigbee Orsam Lightify lights are very slow to react through the home assistant interface. The actual light comes on quick enough but the reaction time to the proper display setting on the Home Assistant page takes a few seconds. In short the light works fine, but the latency in the software is weird. I even had one light working fine that Home Assistant told me was "Unavailable". So did it's app. So did the hub app. But it was still accepting controls fine. Weird.


Another epiphany I had was that if you have a smart bulb in a regular lamp you have to leave the lamp on and it can really only be controlled by the app, or computer. There's something to be said for rolling over in bed and just not being able to flip the light on. It's not the end of the world by any stretch but it's not optimum either. So the thing to do is to install a smart switch in the wall. Unfortunately that involves messing around with the 120 volt mains power. Not a problem for me. The smart switch acts like a regular switch and can be wifi controlled as well. You get the best of both worlds. A switch that works normally on the wall that can be controlled from wifi.


Picked up a GE Iris Wifi enabled switch today at Lowe's. This by and large is the cats meow. Works with Z Wave which of course is what my Wink Hub 2 covers. I removed my old switch, wired this on in and added the device in the Wink app on my phone. It configured perfectly. I wired it with my recessed lighting back in my den.




If there's money to be spent the smarter money is on smart outlets and switches that go in the wall.


Stay tuned for more later as this evolves. Oh, and it will evolve.

Songle Internet Controlled Relay from ESP8266

I bought a Songle 2 channel relay from here with the hopes of hooking it directly to the ESP8266 GPIO and using it over the internet based on this excellent tutorial.


Unfortunately it just didn't work that easy. The digital GPIO signal from the ESP8266 is 3.3v and the relay just won't read that input on the IN1 or IN2 channel.


So you have to build a driver circuit for it. I used a 2N3904 transistor that I got from RadioShack here. Thank goodness my town still has a RadioShack.


Here's a rough and dirty detail.


This project uses Digital Pin 5 which is actually Pin D1 on the NodeMCU 1.0. Yeah, that's intuitive.


This is all from the flat part of the resistor towards you.


- From D1 a 1K ohm resistor goes to the base of the transistor. That is the middle leg.



- The Emitter, left leg, is tied directly to ground.



- The collector, right leg, goes to IN1 or IN2 on the relay. Also from the collector a 1N1004 diode goes to the 5v power source with the banded end at the 5v input. Put it in backwards and you are creating the condition to fry your transistor.



- The NodeMCU requires 3.3 volts (sharp eyes will see I'm using 5V to drive mine, and it works but it's wrong, kinda, sorta.)



- The relay Vcc requires 5 volts and of course ground is tied to ground.


Here it is on a breadboard layout. Nothing to it.




And here it is in action.




To drive both relays though you need to build another driver circuit for the other relay input. Also you need firmware to control 2 relay channels. I used this code I got from here. With this you just find the IP address of your ESP8266 and go to that page in a browser and you get 2 sets of on and off controls.








#include <ESP8266WiFi.h>
#include <aREST.h>
#include <aREST_UI.h>

// crée aREST instance
aREST_UI rest = aREST_UI();

// WiFi parameters
const char* ssid = "Your-SSID";
const char* password = "Your-Password";

// port conncetions TCP
#define LISTEN_PORT 80

// crée un instance du server
WiFiServer server(LISTEN_PORT);
void setup(void)
{
Serial.begin(115200);
// crée UI
rest.title("Relay ");
rest.button(2);
rest.button(0);
// donne nom et ID au module
rest.set_id("1");
rest.set_name("esp8266");
// connecte au wifi
WiFi.begin(ssid, password);
while (WiFi.status() != WL_CONNECTED) {
delay(500);
Serial.print(".");
}
Serial.println("");
Serial.println("WiFi connected");
// initialise le serveur
server.begin();
Serial.println("Server started");
// imprimme l'adresse IP
Serial.println(WiFi.localIP());
}

void loop() {
WiFiClient client = server.available();
if (!client) {
return;
}
while(!client.available()){
delay(1);
}
rest.handle(client);
}


Also you can configure this in Home Assistant to make dashboard switches.


switch 5:

  platform: command_line

  switches:

    arest_pin_two:

      command_on: "/usr/bin/curl -X GET http://192.168.20.102/digital/2/1"

      command_off: "/usr/bin/curl -X GET http://192.168.20.102/digital/2/0"

      friendly_name: Relay 1

switch 6:

  platform: command_line

  switches:

    arest_pin_zero:

      command_on: "/usr/bin/curl -X GET http://192.168.20.102/digital/0/1"

      command_off: "/usr/bin/curl -X GET http://192.168.20.102/digital/0/0"

      friendly_name: Relay 2



ESP8266 Hack of inexpensive WiFi Outlet

NOTE: This is a fairly involved project that requires soldering, Chip programming, setting up a server of sorts, etc. Took me two and a half days to figure all this out with lots of community help. Took me less than 30 minutes to do the second device. So it's a quick project THE SECOND TIME AROUND.


I AM IN NO WAY SHAPE, OR FORM THE AUTHOR, DISCOVERER, INVENTOR, OR ANYTHING ELSE OF THIS PROJECT. I am documenting this in easier to follow steps as it took some time to figure all this out because it is spread out in bits and pieces everywhere.


The original project (that I merely duplicated) is located at The Great Geekery. Before you do this project you for sure need to look over his original information. Wouldn't hurt to do a google search on "Ecoplug ESP8266" and read some backgound information on the whole thing. Very enlightening.


In today's blog I'm going to hack a wifi outlet to be able to be operated from wi-fi. Wait. What? These devices are made by KAB and branded with several different names such as WiOn, Ecoplug, WorkChoice, etc. In fact I ordered a Ecoplug from Walmart to be picked up in the store and when I got there received a WorkChoice. They may have different brands, different cases, but they are the same device.


They all contain the very hackable and very popular ESP8266 wifi chip which powers much of the Internet of Things (IoT) that you're always hearing about.


When people started taking these apart for reverse engineering they also discovered another dirty little secret. By using a program called WireShark that sniffs network transmissions and packets they discovered that these devices were SENDING YOUR WIFI SSID AND PASSWORD IN THE CLEAR TO AN OVERSEAS SERVER.


DO NOT BUY ONE OF THESE AND USE IT IN YOUR HOME. If you do realize that you have no expectation of security or privacy.


However you can hack 'em. Then they can't phone home. Here's the one I got at Walmart.



Now lets get to some hardware hacking. Remove the 4 screws in the back. The ESP8266 that we're going to reprogram is under the light brown shield. Remove the three screws holding it.



Now we need to solder 5 wires to the chip. Make sure the 2 holes are at the bottom and the chip is facing towards you. We are going to locate Power, Ground, Transmit, Receive, and GPIO0 which must be held low to ground on boot to put the device into boot loader mode so it can be programmed.



Also take note of the fact that right through the arrow line that says 3.3v's is an empty space on the board that is supposed to be populated with a reset switch. Dirty dogs removed the reset switch. Some of me thinks it was to make stuff like this harder. More than likely it saves .04 cents per unit.


Now take some breadboard wires and solder them on. I used 4 female ended wires with the GPIO 0 wire being a male end.



Now you need an FTDI programmer to hook from your computer to the board wires. I use the Adafruit FTDI Friend here. It costs $15. There are FTDI's on eBay for like $3 and even less. They use a fake FTDI chip and sometimes there are issues with drivers. I think they work just fine but I don't want the headache down the line.


HERE' ANOTHER POTENTIAL ISSUE. The FTDI programmer puts out 5v. The ESP8266 input power is supposed to be 3.3v. I have programmed 2 of these outlets and various other ESP8266's with 5v before. I've never had one blow up, HOWEVER, there are folks out there who have had them fry. If you put 5v into your chip be aware there is SOME risk involved with that. If you are the careful sort you can build a voltage divider with two resistors on a breadboard and chop your 5 volts down to 3.3. If you have a 1K ohm tie it to hot. Then take a 2K ohm and tie it to ground in series with the 1k. Right in the middle of those two resistors you'll be outputting roughly about 3.5v.



Now hook the chip to the FTDI like this. (from board to chip)

Vcc to 3.3v

GND to GND

Tx to Rx

Rx to Tx

GPIO 0 held to ground. I used an alligator clip to do this.



Now the hardware is ready. Let's get the software ready. i programmed mine from Arduino IDE on Mac OS X. Get the latest from here.


Now go on the toolbar when it is opened and go to Arduino > Preferences and add the following line to Additional Boards manager and Click Ok.


http://arduino.esp8266.com/stable/package_esp8266com_index.json




Now go to Tools > Board > Board Manager



Type in "ESP8266" and add the ESP8266 by ESP8266 Community Package (mine is already installed)



Now we need to add some Libraries. Go to Sketch > Include Libraries > Manage Libraries



Go here and download Homie Firmware. Download the Zip file. See the pic above? Go to add zip library and then navigate to, and then add the zip folder you just downloaded. It will install Homie into the Arduino Library. Now go to "Manage Libraries and search for and add the following packages:

ArduinoJson

Bounce2

PubSubClient

Async-mqtt-client (download and install as zip)

ESPAsyncTCP (download and install as zip)


Now lets load firmware. This was kind of weird and I'll explain it to the best of my understanding. When I downloaded the ino file from Scott Gibson's project I couldn't get it to compile successfully. I got with the developer of the Homie firmware project who told me the firmware code changed. So I think that between the time Scott wrote it and the time I found it the Homie firmware changed a bunch. Mind you I know nothing about code but I took the example below of Scott's code below and changed where it was failing (using a homie example as a template). SOMEHOW IT WORKED! Still, the tutorial advice I am giving below is the homie firmware example and you only have to tweak the Pin, LED, and Button stuff a little.


The only difference that I can tell between the two codes is it seems like that if you push the button in Scott's firmware it turns the socket on manually. The Homie IteadSonofButton example below does not do that. But, hey, it's a wifi socket. If it ain't wi-fi-ing .......unplug it and plug your thing in the real socket. I don't see much advantage to going manual. The whole point is to have a wifi controlled socket. Here is the code I tweaked. This is Scott Gibson's code. Feel free to use it if you want. It works. If you use the Homie example well then you know for a fact there should be no compilation errors. Copy this to a new arduino sketch and verify.


#include <Arduino.h>


#include <Homie.h>


#include <Bounce2.h>
#include <Homie.h>
#include <Button.h>


const int PIN_RELAY = 15;
const int PIN_LED = 2;
const int PIN_BUTTON = 13
;




HomieNode switchNode("plug", "switch");
Button button1(PIN_BUTTON); // Connect your button between pin 2 and GND


bool lightOnHandler(HomieRange range, String value) {
  if (value == "true") {
    digitalWrite(PIN_RELAY, HIGH);
    switchNode.setProperty("on").send("true");
    Serial.println("Light is on");
  //  switchState = true;
  } else if (value == "false") {
    digitalWrite(PIN_RELAY, LOW);
    switchNode.setProperty("on").send("false");
    Serial.println("Light is off");
//    switchState = false;
  } else {
    Serial.print("Error Got: ");
    Serial.println(value);
    return false;
  }


  return true;
}






void setup() {
  Serial.begin(115200);
  Serial.println();
  Serial.println();
  //pinMode(PIN_BUTTON,INPUT_PULLUP);
  pinMode(PIN_RELAY, OUTPUT);
  digitalWrite(PIN_RELAY, LOW);
  Homie.setLedPin(PIN_LED, LOW);
  //Homie.setResetTrigger(PIN_BUTTON, LOW, 5000);
  Homie_setFirmware("ecoplug", "1.0.0");
  switchNode.advertise("on").settable(lightOnHandler);
  button1.begin();
  Homie.setup();
}


void loop() {
  Homie.loop();
  if (button1.pressed())
  {
    digitalWrite(PIN_RELAY, !digitalRead(PIN_RELAY));
  }
  


}


OKAY THIS IS THE HOMIE EXAMPLE FIRMWARE BELOW. You still need to add the homie library even if you use the code above.


Now navigate to your Arduino libraries. In Mac OS X it is under "Documents"



Open your homie-esp8266-develop folder and go to examples. Open the one that says IteadSonofButton and double click the ino file




It will look like this after you alter the pin data as mentioned below:




We're going to change the value of the top 3 pins to this: (please bear in mind someone taught me this and that I wasn't smart enough to figure it out myself).


const int PIN_RELAY = 15;
const int PIN_LED = 2;
const int PIN_BUTTON = 13;


Make sure it looks like the picture above then click on "Verify" where my yellow circle is.



Now go into Arduindo under "Tools" and set your chip to Generic ESP8266 and then make sure all the other settings are the same. Make sure you have the proper Com Port selected as well. When I took this screenshot my FTDI controller was not plugged in. Again make sure you have it plugged in and selected.



If that works click on the right arrow next to the verify button and watch it upload to your chip.




HARDWARE HACKING COMPLETE!


Now the outlet should be in WiFi Access Point Mode. Check to see what wifi address it is broadcasting and connect to it.



Now go to this address to configure it. NOTE: IT WILL NOT CONFIGURE FROM A MAC. Must use Windows, or Linux, or Chromebook or Android or something else. The developer is aware of it and confirmed to me there was a bug.


http://setup.homie-esp8266.marvinroger.fr


TAKE NOTE OF THE DEVICE ID (the numbers and letters in the Wifi SSID after the dash) AND WRITE IT DOWN. It's just the mac address of the device but you need it later. If you change the device ID........WRITE THAT DOWN TOO. First thing you'll probably see is this:



If it does that I had to connect to my home wifi and then click on the setup link I posted above and get the page started and then quickly switch back to the Homie Wi-Fi Access Point. I think that is more of a browser cache thing than a bug of some sort. Anyway if you hit it right you'll see this below:



Now hit Next and fill in the following regarding your network credentials:



Now some other config. The broker address is the address of your MQTT server. I discuss that down below. You need an MQTT server before you can proceed. You can go ahead and fill this out if you know what the IP address is going to be of the computer where you install the server at. Note my mistake below.



Now finally, give it a name and then put your device ID in. Also check the box that says OTA enabled. After you hit next it should write to the device and restart and be ready to be controlled.




Run through the configuration. The only thing I couldn't figure out was the MQTT broker. This is the LEAST intuitive part of the process. Devices have their own protocol called MQTT which is a light weight protocol which runs on top of the http protocol. Anyway you need to connect to an MQTT server somewhere. There are free cloud ones however I just made my own. I installed a program called Mosquitto (yes, with two t's) on my Ubuntu Server. I won't get into the install and configuration of Mosquitto but it wasn't horribly hard and I will note it runs on Port 1883 and if you have a crappy home router it is easy enough for someone to enter port 1883 and turn your stuff on and off. So installing and turning on mosquitto is easy, but configuring it with security is kind of geeky. I run behind a good firewall appliance so my server is not accessible to the internet.


There are MQTT servers for every platform such as Windows, Linux and Mac. I just didn't want to install it on my mac laptop because when the laptop is gone, the mqtt server is gone and no home automation.


Okay so now I have this device configured. And now I have an MQTT server running. It was at this point I had zero clue what to do next. And it isn't intuitive at all. If you were the last person on earth no way you'd figure this out alone. Basically MQTT subscribes and publishes messages from machine to machine.


By the way........although I'm showing you the commands for using MQTT to turn the switch on..........don't look to me for too much help at this part of the tutorial. I'm slightly below beginner, noobie status on MQTT.


Ultimately I figured out (somebody told me what to do) that from my MQTT server I had to issue the following command to make the outlet turn on. Make sure you have the right topic name and device ID in your string here.


mosquitto_pub -t 'homie/382b78075571/switch/on/set' -m true


IF YOU USE SCOTT GIBSON'S FILE THE DEVICE TO CONTROL WILL BE "PLUG" NOT SWITCH. Here's an example


mosquitto_pub -t 'homie/382b780742c4/plug/on/set' -m true


I'll try to explain. The outlet broadcasts all the services it is running and you would be surprised how many. One of them is switch>set>on. True turns it on, false turns it off. So here's how it works.

- mosquitto_pub means we're going to publish to the outlet.

- The broker Topic is "homie". That is the default set in the configuration.

- The next field is your device ID or Mac address (unless you changed it)

- Now we're setting switch/on/set to true

Works like a champ.




Now I know you don't want to log into your server and issue a long command every single time. There are front ends for MQTT and one of the more popular ones is Home Assistant. Home assistant makes a webpage with a toggle switch to turn it on and off.



Basically once Home Assistant is installed you have to configure a file called configuration.yaml to see the switch and run the mqtt command. It isn't hard at all.


On your Mac where Home assistant is go to the terminal and type this:


cd ~/.homeassistant


sudo nano configuration.yaml


Add this to the bottom of the file: Be sure to .change your ip address on the 2nd line. Also change your Device ID's.


mqtt:

  broker: YOUR IP ADDRESS

  port: 1883

  client_id: home-assistant-1

  keepalive: 60

switch:

  - platform: mqtt

    name: "Wall Outlet"

    state_topic: "homie/382b78075571/switch/on"

    command_topic: "homie/382b78075571/switch/on/set"

    payload_on: "true"

    payload_off: "false"

    optimistic: false

    qos: 0

    retain: true

switch 2:

  - platform: mqtt

    name: "Wall Outlet2"

    state_topic: "homie/382b780749c1/switch/on"

    command_topic: "homie/382b780749c1/switch/on/set"

    payload_on: "true"

    payload_off: "false"

    optimistic: false

    qos: 0

    retain: true




That's it in a nutshell. Once you work through this MQTT thing once it isn't as bad as it seems and it then becomes easy enough to automate many more home items. Enjoy.




ESP8266 Weather Appliance

Found this cool project to create a weather appliance from an ESP8266 Weather Station. What's an ESP8266, you say? It's an Internet of Things (IoT) module that is wildly popular. You know the smart home outlets in Lowe's and Home Depot and Walmart that are internet controlled? They have ESP8266 modules (or similar) in them. Smart light sockets........Yep. Same. Those cool buttons at Amazon that order more Tide detergent when you press it...............You've got the idea.


This project can be found here but like most internet projects the instructions are frustrating as all get out. It's all there but not in a good, concise, intuitive method for dummies like me to follow.


This is based on an Adafruit Feather Huzzah which is probably the most expensive ESP8266 module but it it also probably the most mature and contains a battery port on board which is very cool.



You have got to solder two rows of male header pins on though so if you can't solder buy a beer for someone who can. That is probably the hardest part of the whole project.


You need a Feather Huzzah - $16 and a Featherwing TFT touch screen for about $25 to $30. Both items are frequently sold out due to popularity so if you find them in stock buy a couple of them. I had to get my Touch Screen off of eBay. The other items on the list such as the battery and switch are optional.


I'm going to try to not duplicate too much more of what is on the project page regarding hardware since they cover that pretty well. It's the software part that will drive you crazy. They make it sound more complicated than it is.


This is the part that drove me nuts because again the info was in the guide but buried in other links and links within links. I did this on a Mac so those are the instructions I'm providing here.


First and foremost to ever recognize the Feather Huzzah when you hook it to USB it needs a special driver, whether for Mac, Linux, or Windows. Download and then install the driver from here.


Now download Arduino IDE from here. The latest version as of this writing is 1.8.1.


Open Arduino IDE and then select Preferences. And add the following to the Additional Boards Manager Url's Line. Then click "Ok".


http://arduino.esp8266.com/stable/package_esp8266com_index.json





Now in the Arduino menu go to "Tools > Board > Board Manager (Sorry, my Huzzah board is already installed, yours won't be at this point yet).



Now in the search line type in "ESP8266" then click on the esp8266 by esp8266 community and an install button will appear. Install it.



Now quit and then restart Arduino and the Adafruit Huzzah Feather should be an option to select in the board dropdown as depicted above.


Set your frequency speed, Flash, and upload speed the same as in my pic above. Also plug in your Huzzah and select the port. On a mac it looks like this (/dev/cu.SLAB_USBtoUART).


Now go back to your toolbar in Arduino and click on "Sketch > Include Library > Manage Library"





Where it says "Filter Your Search" go through this list and install all your libraries as depicted. I'll only give the first example. All the others are the same.




- Adafruit GFX

- Adafruit ILI9341 Library

- Adafruit STMPE610

- WiFiManager for ESP8266

- ESP8266 Weather Station Library

- JSON Streaming Parser


Restart Arduino. I'm not sure it's necessary but it won't hurt. Make sure your board and port info are all correct.


Now from this page click on the green block that says "weather_station_color.zip". Also follow the directions beneath it for setting up a weather API key from WeatherUnderground.com


Open the file "weather_station_color.ino" from the zip file you just downloaded with Arduino. Maximize the window and go to the tab that says "settings.h" and add your weather underground API key and modify your location.



Once your key and location is in click the save button in Arduino




Now connect your Feather Huzzah via a micro USB cable to your Mac and then click on Upload



Now after successful upload of your sketch disconnect the Huzzah and follow the installation instruction on the Adafruit site, basically plug the Huzzah into the TFT touch screen. Soon as you boot it turns the Huzzah into a wifi access point to which you connect to and then input the SSID of your home wifi network and password and you should be displaying weather data.


Yer doing it!


I printed a 3D case from here. Turned out great.



LCD HD44780 Raspberry Pi 8 Bit Wiring

Had some issues with 4 bit wiring of my HD44780, 20x4 LCD which I use in a project in a tube amplifier. Every time the AC power is thrown it causes corruption in the LCD characters. Supposedly 8 bit operation is less susceptible to this behavior so here we go. ..........


Virtually every tutorial on the web is for 4 bit operation, and why not? Less wires, less pin assignments to add to your code..........it's just easier.


Here's how we wire it from the LCD (pins 1 through 16)

Pin 1 - Ground

Pin 2 - Hot (5v) pin 2 or 4 on Raspberry Pi

Pin 3 - Center leg of potentiometer for contrast (usually 10K ohm and they usually come with the LCD)

Pin 4 - RS pin 26

Pin 5 - RW to ground (DO NOT HOOK TO A GPIO OR YOU CAN REWRITE YOUR LCD)

Pin 6 - EN pin 24

Pin 7 - D0 pin 11

Pin 8 - D1 pin 12

Pin 9 - D2 pin 13

Pin 10 - D3 pin 15

Pin 11 - D4 pin 16

Pin 12 - D5 pin 18

Pin 13 - D6 pin 22

Pin 14 - D7 pin 7

Pin 15 - Hot (5v)

Pin 16 - Ground


NOTE: Pin 1 of LCD is the pin closest to the Raspberry Pi.

Pin 1 of the Raspberry Pi is the bottom left hand side pin. The pin above it has two red wires on it and is pin #2.



The remaining two pins on the Potentiometer go to hot and ground. Note that pin 2 I made a split jumper because there are only two 5v connections on the Pi. Three are required here. The black, negative wires can be placed on any Ground on the GPIO on the Raspberry Pi.




Also if you want to eliminate the potentiometer take the wire that goes from LCD pin to Ground (pin 3) and place a resistor in series with it. About 2K ohms will get you a nice clean display with perfect contrast. I have some small 4.7k ohm resistors and I twisted 2 in parallel together (2.35k ohms) and heat shrinked it up real pretty. Perfect display contrast and that totally elimates running another hot and ground wire down to a 3 leg potentiometer.


In order to fetch this information to display you need a python script from Github by jscrane. The file named lcd_lms.pl is the one you want. I usually click on that GitHub file which reveals the code in its entirety. Copy the whole code to your clipboard and do the following:


cd
mkdir lcdlms
cd lcdlms
sudo nano lcd_lms.pl


Then paste your code in. Once it is in find the line near the top that says this:


my $DEF_LMS = "rpi";


Change "rpi" to the IP address of your server


my $DEF_LMS = "192.168.20.138";


Hit CTL +X then Y and Enter to save the file.


Now make it executable.


sudo chmod u+x lcd_lms.pl


Now there are a lot of ways to start the program and a lot of Linux purists may poo-poo my simplistic method instead of using a fancy script which monitors it for life and resurrects it if it dies. I just start it from crontab at boot. The only gotcha here is the sleep command. I have a Raspberry Pi 3 and LogitechMediaServer starts in a matter of seconds. Consequently I have a Pi A+ which it takes about 2 minutes for LMS to fully start. Adjust your sleep command accordingly.


sudo crontab -e


add this to the bottom and adjust accordingly for the location of your file, your IP address and the name of your squeezelite player at the end.


@reboot sleep 25; /home/pi/lcdlms/./lcd_lms.pl -v lms -d localhost:13666 -l 192.168.20.138:9090 LCDpi


Should start at boot. Yer doing it!


Now for LCDProc.


Install lcdproc with these commands:


sudo apt-get install libany-uri-escape-perl libswitch-perl
sudo apt-get update
sudo apt-get install lcdproc lcdproc-extra-drivers
mkdir lcdproc
cd lcdpro
sudo apt-get install build-essential
sudo apt-get remove lcdproc
sudo apt-get install lcdproc lcdproc-extra-drivers


You can now modify LCDd.conf


sudo nano /etc/LCDd.conf


In /etc/LCDd.conf the following must be added to the driver section of the HD44780 section. (Note that the numbers are different and are the GPIO assignments of the Raspberry Pi NOT the PIN numbers).


For cut and paste below:


#GPIO Pin map page for 8 bit operation

pin_D0=17

pin_D1=18

pin_D2=27

pin_D3=22

pin_D4=23

pin_D5=24

pin_D6=25

pin_D7=4

pin_EN=8

pin_RS=7




A special driver is needed for newer Pi's and can be downloaded with the following command in a Pi Terminal. Make sure you point to this driver location in the

DriverPath=

section. I placed mine in /home/pi/lcdproc


mkdir lcdproc
cd lcdproc
wget http://sourceforge.net/p/lcdproc/patches/_discuss/thread/4c659fe3/b8f3/attachment/hd44780.so


After upgrading my Raspberry Pi LCD project in May 2017 the program LCDd would not start. The driver posted just above was not recognized. I found a driver in this thread that worked.


https://forum.libreelec.tv/thread-1930-page-5.html


The driver file can be downloaded from my site here. Clicking the link will immediately download the file. I had NOTHING to do with the development of this driver. Nothing. Nada. Zip.







Here's my /etc/LCDd.conf file in it's entirety. I've deleted the unneeded drivers for brevity. Your server section and driver section should contain the same information.


# LCDd.conf -- configuration file for the LCDproc server daemon LCDd
#
# This file contains the configuration for the LCDd server.
#
# The format is ini-file-like. It is divided into sections that start at
# markers that look like [section]. Comments are all line-based comments,
# and are lines that start with '#' or ';'.
#
# The server has a 'central' section named [server]. For the menu there is
# a section called [menu]. Further each driver has a section which
# defines how the driver acts.
#
# The drivers are activated by specifying them in a driver= line in the
# server section, like:
#
#   Driver=curses
#
# This tells LCDd to use the curses driver.
# The first driver that is loaded and is capable of output defines the
# size of the display. The default driver to use is curses.
# If the driver is specified using the -d <driver> command line option,
# the Driver= options in the config file are ignored.
#
# The drivers read their own options from the respective sections.






## Server section with all kinds of settings for the LCDd server ##
[server]


# Where can we find the driver modules ?
# IMPORTANT: Make sure to change this setting to reflect your
#            specific setup! Otherwise LCDd won't be able to find
#            the driver modules and will thus not be able to
#            function properly.
# NOTE: Always place a slash as last character !
#DriverPath=server/drivers/
DriverPath=/home/pi/lcdproc/


# Tells the server to load the given drivers. Multiple lines can be given.
# The name of the driver is case sensitive and determines the section
# where to look for further configuration options of the specific driver
# as well as the name of the dynamic driver module to load at runtime.
# The latter one can be changed by giving a File= directive in the
# driver specific section.
#
# The following drivers are supported:
#   bayrad, CFontz, CFontzPacket, curses, CwLnx, ea65, EyeboxOne, g15, glcd,
#   glcdlib, glk, hd44780, icp_a106, imon, imonlcd,, IOWarrior, irman, joy,
#   lb216, lcdm001, lcterm, lirc, lis, MD8800,, mdm166a, ms6931, mtc_s16209x,
#   MtxOrb, mx5000, NoritakeVFD, picolcd,, pyramid, rawserial, sdeclcd,
#   sed1330, sed1520, serialPOS, serialVFD, shuttleVFD, sli,, stv5730, svga,
#   t6963, text, tyan, ula200, vlsys_m428, xosd
Driver=hd44780


# Tells the driver to bind to the given interface. [default: 127.0.0.1]
Bind=127.0.0.1


# Listen on this specified port. [default: 13666]
Port=13666


# Sets the reporting level; defaults to warnings and errors only.
# [default: 2; legal: 0-5]
#ReportLevel=3


# Should we report to syslog instead of stderr? [default: no; legal: yes, no]
#ReportToSyslog=yes


# User to run as.  LCDd will drop its root privileges and run as this user
# instead. [default: nobody]
User=nobody


# The server will stay in the foreground if set to yes.
# [default: no, legal: yes, no]
#Foreground=yes


# Hello message: each entry represents a display line; default: builtin
Hello=" John's Awesome"
Hello="  Raspberry Pi"


# GoodBye message: each entry represents a display line; default: builtin
GoodBye=" Turn us back"
GoodBye="  on soon"


# Sets the default time in seconds to displays a screen. [default: 4]
WaitTime=5


# If set to no, LCDd will start with screen rotation disabled. This has the
# same effect as if the ToggleRotateKey had been pressed. Rotation will start
# if the ToggleRotateKey is pressed. Note that this setting does not turn off
# priority sorting of screens. [default: on; legal: on, off]
#AutoRotate=off


# If yes, the the serverscreen will be rotated as a usual info screen. If no,
# it will be a background screen, only visible when no other screens are
# active. The special value 'blank' is similar to no, but only a blank screen
# is displayed. [default: on; legal: on, off, blank]
ServerScreen=blank


# Set master backlight setting. If set to 'open' a client may control the
# backlight for its own screens (only). [default: open; legal: off, open, on]
#Backlight=open


# Set master heartbeat setting. If set to 'open' a client may control the
# heartbeat for its own screens (only). [default: open; legal: off, open, on]
#Heartbeat=open


# set title scrolling speed [default: 10; legal: 0-10]
#TitleSpeed=10


# The "...Key=" lines define what the server does with keypresses that
# don't go to any client. The ToggleRotateKey stops rotation of screens, while
# the PrevScreenKey and NextScreenKey go back / forward one screen (even if
# rotation is disabled.
# Assign the key string returned by the driver to the ...Key setting. These
# are the defaults:
ToggleRotateKey=Enter
PrevScreenKey=Left
NextScreenKey=Right
#ScrollUpKey=Up
#ScrollDownKey=Down




## The menu section. The menu is an internal LCDproc client. ##
[menu]
# You can configure what keys the menu should use. Note that the MenuKey
# will be reserved exclusively, the others work in shared mode.


# Up to six keys are supported. The MenuKey (to enter and exit the menu), the
# EnterKey (to select values) and at least one movement keys are required.
# These are the default key assignments:
MenuKey=Escape
EnterKey=Enter
UpKey=Up
DownKey=Down
#LeftKey=Left
#RightKey=Right


## Hitachi HD44780 driver ##
[hd44780]


# Select what type of connection. See documentation for availabe types.
ConnectionType=raspberrypi


# I/O address of the LPT port. Usual values are: 0x278, 0x378 and 0x3BC.
# For I2C connections this sets the slave address (usually 0x20).
Port=0x378


# Device of the serial, I2C, or SPI interface [default: /dev/lcd]
Device=/dev/ttyS0


# Bitrate of the serial port (0 for interface default)
Speed=0


# If you have a keypad connected.
# You may also need to configure the keypad layout further on in this file.
Keypad=no


# Set the initial contrast (bwctusb, lcd2usb, and usb4all)
# [default: 800; legal: 0 - 1000]
#Contrast=1000


#GPIO Pin mappage for 4 bit operation
#pin_D4=25
#pin_D5=24
#pin_D6=23
#pin_D7=17


#GPIO Pin mappage for 8 bit operation
pin_D0=17
pin_D1=18
pin_D2=27
pin_D3=22
pin_D4=23
pin_D5=24
pin_D6=25
pin_D7=4
pin_EN=8
pin_RS=7


# Set brightness of the backlight (lcd2usb and usb4all):
# Brightness is the brightness while the backlight is set to 'on'.
# [default: 800; legal: 0 - 1000]
#Brightness=1000


# OffBrightness is the brightness while the backlight is set to 'off'.
# [default: 300; legal: 0 - 1000]
#OffBrightness=0


# If you have a switchable backlight.
Backlight=no


# If you have the additional output port ("bargraph") and you want to
# be able to control it with the lcdproc OUTPUT command
OutputPort=no


# Specifies if the last line is pixel addressable (yes) or it controls an
# underline effect (no). [default: yes; legal: yes, no]
#Lastline=yes


# Specifies the size of the LCD.
# In case of multiple combined displays, this should be the total size.
Size=20x4


# For multiple combined displays: how many lines does each display have.
# Vspan=2,2 means both displays have 2 lines.
#vspan=2,2


# If you have an HD66712, a KS0073 or another controller with 'extended mode',
# set this flag to get into 4-line mode. On displays with just two lines, do
# not set this flag.
# As an additional restriction, controllers with and without extended mode
# AND 4 lines cannot be mixed for those connection types that support more
# than one display!
#ExtendedMode=yes


# In extended mode, on some controllers like the ST7036 (in 3 line mode)
# the next line in DDRAM won't start 0x20 higher. [default: 0x20]
#LineAddress=0x10


# Character map to to map ISO-8859-1 to the LCD's character set
# [default: hd44780_default; legal: hd44780_default, hd44780_euro, ea_ks0073,
# sed1278f_0b, hd44780_koi8_r, hd44780_cp1251, hd44780_8859_5, upd16314 ]
# (hd44780_koi8_r, hd44780_cp1251, hd44780_8859_5 and upd16314 are possible if
# compiled with additional charmaps)
CharMap=hd44780_default


# If your display is slow and cannot keep up with the flow of data from
# LCDd, garbage can appear on the LCDd. Set this delay factor to 2 or 4
# to increase the delays. Default: 1.
#DelayMult=2


# Some displays (e.g. vdr-wakeup) need a message from the driver to that it
# is still alive. When set to a value bigger then null the character in the
# upper left corner is updated every <KeepAliveDisplay> seconds. Default: 0.
#KeepAliveDisplay=0


# If you experience occasional garbage on your display you can use this
# option as workaround. If set to a value bigger than null it forces a
# full screen refresh <RefreshDiplay> seconds. Default: 0.
#RefreshDisplay=5


# You can reduce the inserted delays by setting this to false.
# On fast PCs it is possible your LCD does not respond correctly.
# Default: true.
DelayBus=true


# If you have a keypad you can assign keystrings to the keys.
# See documentation for used terms and how to wire it.
# For example to give directly connected key 4 the string "Enter", use:
#   KeyDirect_4=Enter
# For matrix keys use the X and Y coordinates of the key:
#   KeyMatrix_1_3=Enter
KeyMatrix_4_1=Enter
KeyMatrix_4_2=Up
KeyMatrix_4_3=Down
KeyMatrix_4_4=Escape



# EOF

Easy calendar instructions

Simple Steps:


Get a Raspberry Pi. I recommend the Zero for this project and I strongly recommend getting the Adafruit kit that has the adapters you need.


You'll need a wifi dongle too if you want to do wifi.


- Get a dakboard account and private url


- Download image


- Use Etcher to install image on micro SD card


- Boot


- Change user password


- insert your dakboard private url into a file. Notice I have obstructed my private url for security. You need the whole link.



- Get a dakboard account and configure the page they way you like it.


- Download a program called Etcher. It will write your OS image to your SD card. No typing in any long command in a terminal. Insert card. Download raspberry pi image, burn it.


- Download my image file. It will immediately download. Double click to extract the .img file. That is what you tell etcher to burn. Sadly the compressed image is 2GB in size, however this is WAY easier than configuring everything yourself.


Navigate to that .img file in etcher, insert a micro sd card into your computer and click "Flash!"




Once complete, place the micro SD card into the Pi. Ensure that the Pi is connected to ethernet for now at a minimum. It may be very beneficial for the first boot to hook a keyboard, and mouse up, and of course the TV you are going to install to via HDMI.


You can also Download a program called VNC Viewer. This will allow you to remotely view and control the desktop.


The hostname of the computer = pizerocalendar

The user name = pi

The password = calendar


You must know your IP address if you use VNC Viewer. Use an app called Fing on IOS or Android to find it. There are Windows, Mac, and Linux programs as well. If you are using a keyboard, monitor and mouse. Open the terminal and type


ifconfig



You can see my address under eth0 is 192.168.20.140


Now you can use VNC Viewer






Okay now open a terminal and type:


sudo nano ~/.config/lxsession/LXDE-pi/autostart


You'll see the following code


@lxpanel --profile LXDE-pi

@pcmanfm --desktop --profile LXDE-pi

@xscreensaver -no-splash

@point-rpi

@xset s off

@xset -dpms

@xset s noblank

#@chromium-browser --noerrdialogs --incognito --kiosk http://www.google.com


On the very last line you'll see http://www.google.com. Remove that part only and cut and paste in your dakboard private address from configuring dakboard.


Then hit the CTL + X key. It will ask you Y or N to save. Hit Y and then enter.


While you are in the terminal type this (I forgot to do it in my image file). Unclutter makes the mouse disappear after a few seconds.


sudo apt-get install unclutter


Now type


sudo raspi-config


Expand the Filesystem and change the user password. (Items 1 and 2) Please. Just do it.



Now reboot your computer. It should boot directly into a full screen Chromium browser with your dakboard page displayed.


While you have a keyboard, monitor and mouse hooked up you can add a wifi dongle and configure your wifi on your desktop as well. Same as Windows, click the icon, select your SSID and input your wifi password.


Easiest Raspberry Pi Wall Calendar Yet

What you need:

- Raspberry Pi Zero (or better)

- SD Card

- TV with at least one HDMI input

- Wall mounting bracket for TV

- HDMI Cable

- 1.5 amp power brick

- WiFi dongle (not needed if using a Pi 3 with onboard wifi)

- Micro HMDI to HDMI adapter (only needed if not using a Pi2 or 3)

- Micro USB to USB adapter (only needed if not using a Pi2 or 3)


Get a Raspberry Pi (Zero in my case for this project) and install the latest Raspbian Pixel on it. This is going to be hanging on a wall so there will be no mouse or keyboard but initially you have to set it up with one to make it easy. Might be way easier for a novice to hook up a small usb hub with a keyboard and a mouse especially since when you boot into Raspbian OS the first time and see the desktop you can easily click on the wifi icon in the upper right task bar and input your wifi credentials. It'll save you a ton of time. The only other way would be to hook the Pi to ethernet and SSH into it, set up a VNC session, enable wifi either by command line or desktop............You get the idea. Just hook up a darn keyboard and mouse for the first boot. Obviously we are using our TV here for a monitor.


Download and install the latest Raspbian Pixel on your SD card. Refer to here for directions.


You can do the next steps via SSH as well if you got your wifi enabled or connected via ethernet. But while the keyboard and mouse are hooked up, why not just do it? We'll do the wifi later in the instructions.


NOTE REGARDING SSH - THE LATEST VERSION OF RASPBIAN JESSIE-LITE DOES NOT HAVE SSH ENABLED. IN ORDER TO ENABLE IT AFTER YOU CREATE YOUR SD CARD you must add a file called ssh to /boot


Here's how I did that on a Mac. Right after the Raspian image wrote to the card I went to a terminal and typed


cd /Volumes

cd boot

touch ssh



There are a variety of ways to do this. I figured that was the easiest. If you are doing this from Windows or Linux you may need to google it to get the exact directions. Now lets configure our Pi knowing we can SSH into it if we need to.



sudo raspi-config




Go to "Interfacing Options"



Then enable VNC. (Even though I don't really go into why you're enabling VNC, and even though you don't need it for this tutorial maybe, you'll be glad later when the TV is hanging on the wall with no keyboard and mouse that you can access your Pi from a VNC session from another computer).



While you are in there after you hit the back command on the screen above go do option 1 to Expand Filesystem and option 2 to change the password.



Okay while you are in SSH or in your terminal also run the following commands:


sudo apt-get update


sudo apt-get upgrade


We're going to use Chromium browser since it is already installed on Raspbian Pixel as of Sep 2016.


Chromium browser is EXACTLY the same thing as Chrome just without fancy dancy licensing.


While you are hooked to a TV with keyboard and mouse enable your wifi. Coding it by hand isn't the end of the world but this is MUCH easier. It's pretty much done the same way as every other computer you've configured wifi with.




Now on any computer anywhere open a browser and go to dakboard and create an account. Once you create an account you can configure a webpage with your widgets. Just work down the list and play around until you get what you like. There is no right or wrong way.




You can check your progress by clicking on "My DAKboard" (4th from the bottom in left hand pane). Now go to your account page and we're going to grab the customized web page so we go straight to our calendar every time and don't need to log in. Copy the link below where it says "Private URL:". Mine is obviously partially obstructed for security reasons.



Okay back to the Raspberry Pi either on the desktop in the terminal or via an SSH shell.


Type the following:

sudo nano ~/.config/autostart/chromium.desktop

Paste in the following code (USING THE WEB ADDRESS FROM DAKBOARD I MENTIONED ABOVE)

Once again i have chopped the end of my address off just for security reasons.



[Desktop Entry]

Encoding=UTF-8

Name=Connect

Comment=Checks internet connectivity

Exec=/usr/bin/chromium-browser --noerrdialogs --incognito --kiosk http://dakboard.com/?p=850




Hit CTL key + x , answer Y for yes to save.


What we just did was to tell Chromium Browser to start up full screen every time you boot the Pi and log into your Dakboard that you configured.


NOTE: Here's a great big gotcha for you folks. Once you start Chromium browser in kiosk (full screen) mode it doesn't seem to want to get out of the way so you can do things on the desktop OS, like set your wifi for instance, or tell the computer to reboot. This is where logging in via ssh comes in handy. From a terminal on another computer on the same network do this:


ssh IPADDRESS -l user #(i.e. ssh 192.168.20.139 -l pi)


if it asks you to accept ssh keys yes/no say yes. If it tells you to get lost and your keys don't match type this to fix.


ssh-keygen -R IPADDRESS #(i.e. ssh-keygen -R 192.168.20.139)  #That deletes old ssh keys and allows you to ssh in again.


To kill Chromium browser


sudo killall chromium-browser


To relaunch just type chromium-browser or launch it from the desktop.


Moving on.

Lets keep the lights on, don't want the screen going to sleep.


sudo nano ~/.config/lxsession/LXDE-pi/autostart


Paste in the following code at the bottom of the file


@xset s off

@xset -dpms

@xset s noblank



Hit CTL key + x , answer Y for yes to save.


Sweet. Reboot to test.


sudo reboot


or


sudo shutdown -r now


This is what you should see when you reboot. Boots directly into Chromium with your Dakboard. You can add your own photos to a variety of web services. I used Dropbox.



Here's what the TV looks like. I double side taped the Pi Zero to the back. Very clean looking hanging on the wall.




I changed the layout a bit as well. I tried first hanging it in Portrait mode, which was cool, but this is also a smart TV with wireless and that deprived me of the ability to watch Hulu and Netflix while cooking if I wanted to.




If for some reason your TV screen doesn't quite go edge to edge and fill the screen issue the following command and uncomment the line (remove the #) that says disable_overscan=1


sudo nano /boot/config.txt



Hit CTL and X and then answer Y to save the changes.


If you see any pixelation make sure you have a good connection with your HDMI on the adapter end especially and you can add more GPU memory if need be. Go to raspi-config and then "Advanced" > A3 Memory Split. I set mine to 128


sudo raspi-config






Now you are basically done and can stop here. UNLESS you are a mythical POWER USER!


To get just a little more complex with this setup............Since I have this TV hanging on the wall which is always on I decided to make use of the fact it has speakers on it which are largely not being used. (It is also a smart TV so I can stream Netflix and Hulu, Vizio 24")


At home I have a music media server called Logitechmediaserver (LMS). It is available for a variety of platforms such as Windows, Linux, Mac, Raspberry Pi (ARM), and some NAS devices. My principal LMS server is installed on a Mac Mini. From there you go to mysqueezebox.com and make an account. Once you have an account you can add streaming services such as Spotify, Tidal, Pandora, TuneIn Radio, Shoutcast, among several others. Those are the ones I have used or currently use now.


You don't HAVE to put LMS on another computer. It will run on the same Pi, it may be a little slow on a Pi Zero but it'll run. Runs real nice on a Pi 3. So if this is going to be a stand alone LMS lets do this. If you intend to install LMS on another computer you can skip this. I have directions below for just adding a squeezelite player. To install LMS go to the nightly link above and right click on the ARM version and go to your terminal and type wget followed by the link (again using the latest version as of when I wrote this).



Now type (and make sure your file names are right, cut and paste with links is weird sometimes)



cd

mkdir lms

cd lms

wget http://downloads.slimdevices.com/nightly/7.9/sc/cf749e5/logitechmediaserver_7.9.0~1482423225_arm.deb

sudo dpkg -i logitechmediaserver_7.9.0~1482423225_arm.deb


The last command there will install LMS on directly on your Pi and it should start automatically. The way to access it is any browser on the same network with the IP address of your Pi plus :9000 (i.e. 192.168.1.2:9000) To find the address of your Pi type


ifconfig 


So then since you have a Raspberry Pi hooked to a TV delivering the awesome DAKboard why not put a streaming player on it and use the speakers? Granted my Vizio TV speakers sound pretty terrible however it is good enough for talk radio and I listen to a lot of talk radio. Also if you used a Raspberry Pi 3 with built in bluetooth you could conceivably hook to some bluetooth speakers for decent sound. Again, this is a kitchen rig. All I want is talk radio however it would only take swapping the Pi Zero with a Pi 3 (or Pi2 with a bluetooth dongle) to get more.


Adding squeezelite is remarkably simple. I do it like this. It needs some dependencies though to play common file formats.


sudo apt-get install libasound2-dev libflac-dev libmad0-dev libvorbis-dev libfaad-dev libmpg123-dev
liblircclient-dev libncurses5-dev


Then lets get and install squeezelite.


mkdir squeezelite
cd squeezelite 


Now go to this page to get the latest squeezelite. My tutorial will describe the current latest version. Simply change version number if it updates once this post gets dated a bit.


wget https://sourceforge.net/projects/lmsclients/files/squeezelite/linux/squeezelite-1.8.6-825-armv6hf.tar.gz
tar -xzf squeezelite-1.8.6-825-armv6hf.tar.gz sudo mv squeezelite /usr/bin/squeezelite


Okay squeezelite is now installed. Simple.


Now lets see our devices. I'm using the HDMI sound off the TV here. You could add a DAC if you wanted to.


squeezelite -l


There is quite a bit of output for a Pi Zero. The following kind of depends on what kind of Pi you have in the project. I am using a Pi zero which has really only one audio output. The HDMI. I could have chosen the one that says "sys default", the other "hw:" device works I know. Probably some others as well. If you are using a Pi 2 or Pi 3 you also have an onboard sound output which will be your sys default. To pipe sound out via your HDMI cable you pretty much have to use the one I have circled, or the plughw one below it two items. Yes you can use the sysdefault off the 1/8th inch output on the Pi but then you need another cable. Let's keep it simple, shall we?

I chose to use the one circled because it is the hardware (hw:) device for the HDMI. . Now here's what we do to set up the device and make it start at boot.




sudo nano /etc/systemd/system/squeezelite.service


It'll be empty. Paste this in (and note this is MY system), alter accordingly. After squeezelite -o add the player you selected. The -n parameter is the name of the player. Name it anything you want. The -s is the LMS server. If you leave this out entirely it will likely find it. If you want to put -s 127.0.0.1 that will work too. The -a 80:4 is something I used on another TV that sounded terrible and choppy until I added those parameters. To be honest I didn't remove it on this new TV and it works great. I'm leaving it in. You may not need it or you might need it. Because I have like 10 players in the house sometimes they conflict with each other. The -m setting is the MAC address of the player to keep them all straight. If this is your only player you won't even need to add the -m part.




[Unit]

Description=Squeezelite

After=network.target

[Service]

ExecStart=/usr/bin/squeezelite -o hw:CARD=ALSA,DEV=1 -n calendar -s 192.168.20.37 -a 80:4 -m 74:da:38:41:f8:9e

[Install]

WantedBy=multi-user.target


Hit CTL +x and then answer Y to save the file.


Now lets start it at boot


sudo systemctl enable squeezelite.service 



Now if everything went according to plan when you boot up and find your LogitechMediaServer (it is the IP address of the computer you put it on plus :9000) In my case my LMS lives on my Mac Mini of 192.168.20.37:9000


Just put that in a browser and look for your -n parameter (I named mine calendar). It should find it as a player.



You can see I circled the apps I enabled in my squeezebox.com


Tidal and Spotify you must have pay premium accounts to use. Ditto with Pandora. TuneIn and Shoutcast are free.


Now your DAKboard is a music player too!



Impress your friends. Attract women. Be the life of the party with your wall calendar and music streaming device.





JBL Flip 3 Bluetooth Speaker Review

How have I missed this? I'm almost embarassed. I'm usually all over technology, especially when it is audio related but I missed the boat on bluetooth speakers entirely. I'll list below why I "need" one but I really screwed the pooch, and here's why.......


Go into any big box electronics store and the only real thing in audio anymore is the Sonos devices. They are essentially computers, with apps, that stream to bluetooth speakers. And at a premium cost. LogitechMediaServer was supposed to catch on like this but they were a few years ahead of their time. This is one of my favorite devices and my daughter uses it still daily. The Logitech Squeezebox Radio.





Every kid now knows how to manipulate bluetooth because of designer headphones. Once LogitechMediaServer went belly up though they released their media server code as Open Source which has allowed that community to thrive. What I'm saying is Sonos costs money, LogitechMediaServer does not.


Now let's take that a step further. Darn near every app is free. iTunes, Spotify, Tidal, Pandora, TuneIn, iHeartRadio, etc.


YOU DON'T NEED A SONOS OR A LOGITECHMEDIASERVER. ALL YOU NEED IS A BLUETOOTH SPEAKER AND THEN YOU HAVE THE SAME THING!


Your phone, iPad, Android, or Computer is the server. Why do you need Sonos to play the Spotify app? You don't. What I'm really saying is a couple of GOOD bluetooth speakers are equivalent or better than a high dollar "system". God, I'm embarrassed I didn't notice that before.


That being said there are still some cool aspects to both platforms and I'm not about to abandon my LogitechMediaServer platform. It's not too late to save yourselves though. :)



I had a couple of minor annoyances that were solved with a bluetooth speaker. First was I am required to drive a government vehicle at work for trips up and down the East Coast which I take somewhat frequently. The Aux In on the radio has failed so no more smart phone streaming my favorite talk radio show from the TuneIn Radio app. Last couple times I just sat the phone on the dash and could barely hear it.


Second, I have a hot tub which I use quite a bit. Nothing better than coffee in a hot tub. To pass the time I put an iPad mini on a suction cup mount and can watch local TV through my Emby Server, or stream YouTube, or Sling, or Netflix or Hulu or whatever. Soon as I take the top off the tub and get all set up the heater and pump usually kick on making it very hard to hear.


So I've contemplated getting a bluetooth speaker for a while. There's only one problem. I'm an AUDIOPHILE, whatever that is, and the thought of a crappy, tinny sounding speaker is way beneath me. Then I started thinking, "this is for talk radio in the truck and action movies in the hot tub".


I never buy anything without reading a hundred reviews, reading the customer forums, and then re-reading all that stuff again. You'd be amazed what you learn about a product reading the customer forums. After the smoke cleared I opted for a JBL Flip 3. Everyone carries them, Target, WalMart, BestBuy as well.



I honestly wasn't expecting much in the way of sound despite all the reviews saying it was one of the better sounding speakers, supposedly sounding better than speakers in more expensive tiers. I did not open the manual initially and found it remarkably simple and intuitive to hook to a computer and use. And it sounds WAY better than I imagined that it possibly could. Impressive for something only slightly longer than my iPhone 6.


I knew I wanted to push this thing to the limit and go somewhere most bluetooth speaker users never go. I wanted to use my home music server to play all my locally stored music (about 6TB, yes 6TB) and stream from my LogitechMediaServer which has Spotify, Tidal, TuneIn Radio, and Shoutcast. I figured I would have to dedicate a Raspberry Pi computer or something to this task then when I read an obscure post on some forum somewhere about streaming LogitechMediaServer via Squeezelite (that is the name of the player used in LogitechMediaServer) to a bluetooth speaker.


The post suggested using an app called iPeng, which I already had, which allows you to control LogitechMediaServer from your phone or iPad. I had forgotten that iPeng creates a media player within the app so you can play music on your iPad or iPhone, which really isn't that useful in itself. But it is very useful if you have a BLUETOOTH SPEAKER!


So now I not only have a bluetooth speaker I HAVE AN EXTENSION OF MY HOME MEDIA SERVER. Here's another cool aspect to this. By connecting my iPad to my OpenVPN server I can access my home music library and for that matter my video media servers (Emby and Plex) and can play all my music at home or watch all my videos or Live TV from my home (and of course stream the audio to the JBL Flip 3). I can watch local news when I'm not at home. Anyway, whatever content is at home can be streamed to wherever I'm at. Think "Free Slingbox".


There are a million screens to iPeng but basically below you can see my apps. Spotify is a selection along the side there as well. Were I to click on "Artists" in the left hand pane it would list my 6TB of music in the middle. Awesome!



Lastly you can control it from a browser as well from your LogitchMediaServer IP address.



Now, what else is cool about this speaker and maybe even not so cool. Let's start with a "Not So Cool".


Like every device in the world now that is basically a computer it has embedded software called firmware. Mine was not up to date. There is only one way to update it and that is to download an app called JBL Connect. Also because you are transferring a file over bluetooth it takes 10 or 15 minutes. A lifetime these days. The program only prompts you about firmware if there is an update available. Other than that it doesn't do too much but does let you do some things that are cool.


The app appears under "iPhone Only" but installs and works fine on an iPad.



Click on where it says JBL Flip 3 and you can change the name of the device.



Lastly it shows you how to connect 2 JBL Bluetooth speakers together which is very, very cool.



Lastly, we'll talk about the sound again. Very, very good sound and tons of bass. So surprising for such a small device. For the price point I don't really think you can go wrong. There are much more expensive bluetooth speakers and I'm not sure the value is there unless you need a device you can drop in the pool and survive or something.


Only thing better than one JBL Flip 3 is two of them! One gotcha though not in the manual. You only connect one speaker via bluetooth to your computer, phone, or tablet. Then you push the Connect buttons on each one. Don't pair both speakers to your device then connect them. It'll cause one to choke for a short period of time and every time you change songs or volume it chokes again. Works perfect if you do it like I said above. Also the JBL Connect app recognizes them and allows you to set them in Party or Stereo mode. Stereo mode, duh.






And if you want to take it on the road with you check out this perfect case that I got from Amazon.




John's Grade: 4.8 of 5 stars. Minor reduction for firmware upgrade process and supposedly no "iPad Only" app.

Maytag Washer Repair LNC6764A71 Water Pump

Let me start out by saying if you are buying a new washer resist the urge to buy one that has a fancy LED display with push button controls and it connects to the internet to let you know when it is done. If that kind of washer (or dryer or refrigerator) breaks you are DOOMED to pay a repairman big bucks to fix it. Washers need to agitate and spin. The cheapest washer at Lowe's with the pull out and spin big giant knob is the best one to get. Not only is it inexpensive, it is cheap to repair and easy to fix. A motor drives a pump and the tub. All it is is a motor, a pump, a tub, and bearings. Any fool can fix even the most horrific failure.


Your washer does not need internet access. It just doesn't.


I have a LNC6764A71 washer that I bought in 2003. It was in storage for about 10 years so it is still basically brand new and too nice to replace just yet.



Yesterday as soon as the spin cycle kicked on the metal to metal noise was God awful. I shut it down and started an inspection right away. A quick Google reveals in a couple of links that it is most likely my water drain pump. Sure enough it was. I enjoy fixing my own stuff. No way I'm paying $200 for some guy to show up to fix a $350 washing machine.


Find your model number and then look it up on one of the parts sites. Take note of the Rev number as well.



Parts sites such as this for my model washing machine are abundant and you can order straight from them. Notice I have selected the Drain Pump for a Series 19 washer. That is the importance of the Rev number above.




However $80 for a new pump is crazy. I strongly recommend heading over to eBay and checking for the required part number (PS11741803). I found a third party pump for $24 and the original Whirlpool pump (Whirlpool actually made this Maytag washer) costs $55 or so. I went ahead and ordered the Whirlpool OEM original part.


Let's dig in: Step 1 unplug and pull the drain line out of the wall.



Now let's get 'er on her side. We want to remove the gray panel. 3 Screws. So we can see the offending pump.



Before we remove it go to the bottom of the machine and rotate the belt off the pulleys. The pump we are changing is in the upper left had corner of the picture below. See all the black stuff around the bearing? Bad.



Now let's remove the 3 screws and the rubber tubing line's by loosening the clamps with pliers. Squeeze and slide. The large one is the water pump inlet and the smaller one is the outlet that pumps water out. It's your drain line. The pump will be full of water. Plan accordingly for a quarter gallon of water or so to drain out.




Now the machine screws that hold the pump down.


That's it. Seriously. Remove and inspect. See the corrugated metal protruding? That is not supposed to be there. That is what is grinding on the bottom mounting plate causing all the noise.



And there is an obvious bearing failure. Look at all the black bearing dust. Diagnosis: EPIC FAIL



Got the replacement part.



The repair goes like this:


- Bolt new pump in with the three bolts you removed from the old one.




- Put the 2 rubber tubing lines for the pump inlet and outlet back on and ensure they are clamped securely




- Spin the belt back on the bottom



- Plug it in and stick the drain line in the wall.

- Wash some clothes with a smile knowing you saved a couple hundred dollars.







Raspberry Pi Audio - How to get started easily

RASPBERRY PI WITH HIFIBERRY DAC PLUS INSTALLED




One of the easiest Raspberry Pi projects to make is a home audio device. But even though it's one of the easiest it probably still seems prohibitive to the non-initiated. No more. I'm going to make it as easy as I possibly can. First of all you need to buy stuff. Here's a concise list with links. Bear in mind that you probably already have a cell phone charger with a micro USB port (minimum 1 amp output) and a micro SD card that is at least 8GB in size minimum so already you can save some bucks!


Parts Required

Cost

Raspberry Pi

$35.69

SD Card 16GB

$9.99

HiFiBerry DAC+ (Pro)

$22.90 to $44.90

Charger 2.5A

$9.99


I recommend the Hifiberry Digital to Analog Converter, DAC + Pro which is what is depicted above. Note that there are other DAC's for the Raspberry Pi but I like HiFiBerry because their support is excellent.

Not only that, they make it extremely easy to configure their hardware so you can kind of plug and play by using a program called HiFiBerry Installer. At the end of the day though all that does is make the hardware work. That leaves you, the newbie, to figure out how to install and configure some audio server software which means you need to have secure shell access and some command line experience. THAT is what we're trying to avoid here.


Let's talk just a bit more about the Hifiberry Installer. If you make your SD card using the Installer it puts a script file in the Operating system which auto-detects which Hifiberry device you have. In other words the downloadable image file below WILL WORK FOR ANY HIFIBERRY DEVICE. YOU DON'T NEED TO CONFIGURE OR CHANGE ANYTHING! Sweet!


So I'm going to provide you a downloadable image that has preconfigured the HiFiberry DAC, logitechmediaserver, and a player so that all you need to do is create an on-line account on mysqueezebox.com and then add some apps. Be forewarned that some apps will require pay service such as Spotify, Pandora, or Tidal. However most streaming radio apps are entirely free and you can plug a USB drive into your Raspberry Pi and play your locally stored music.


"The downloadable image file below WILL WORK FOR ANY HIFIBERRY DEVICE. YOU DON'T NEED TO CONFIGURE OR CHANGE ANYTHING!"


DOWNLOAD MY PRE-CONFIGURED IMAGE FROM HERE (approx 1 GB in size and will begin downloading as soon as you click on it).


Once downloaded then unzip the file which reveals a file named hifiberry_raspbian.img


Then by far the easiest thing to do is to download Etcher which will write your image file to your SD card. Etcher works on Linux, Mac, and Windows. Select the file, select the drive your SD card is, and push the button that says "Flash!". Easy.




Or if you want to do it the hard way on the command line the best most concise instructions for installing Raspbian from an image file are found on the Raspberry Pi website here.


My software image is based on Raspbian Jessie Lite dated Nov 2016 and has the following details:

- Hostname = hifiberrydac

- SSH access enabled

- User name (for SSH login) = pi

- Password = raspberry

- No wifi configured, must boot to ethernet first ( I don't know your wifi SSID and Password so it would do no good to set this up)

- Hifiberry Dac + enabled and should light up (green light on top) upon boot.

- Latest (as of 5 December 2016) Logitechmediaserver

- Squeezelite player installed and appears as "HiFiBerry" in Logitechmediaserver (once accounts are created and you are logged in).


All you need to do is find the IP address of your raspberry pi. One of the easiest ways is to use a free Network app called Fing. Here's what that will look like. Note the address of 192.168.1.105



Or you can boot the raspberry pi attached to keyboard, monitor and mouse and type ifconfig after logging in with the user name and password. It'll look like this: (Note that my address below is 192.168.1.105)



Also before we tackle this Logitechmediaserver thing lets do some Pi Maintenance now that we have the IP address.


Open a terminal in Mac or Linux and type


ssh 192.168.1.105 -l pi (Use your IP address here)


if it barks at you about ssh keys type this:


ssh-keygen -R 192.168.1.105


Then login again. This makes new login keys.




Now type


sudo raspi-config


Hit enter on "expand filesystem". This will fill up your SD card. My image was roughly 2.7 GB and you probably have a 16 GB card at least. This fills the card. Expand the filesystem then reboot and login again.



While you are in raspi-config...........PLEASE USE OPTION 2 and change your User Password. Please! Do that.


NOW.......you can start configuring your Logitechmediaserver!


Go to a browser and type:


http://192.168.1.105:9000



Then create the account and add apps. A non paying app to try is TuneIn Radio.




Here's an example of my apps. Note that you can make a FREE TuneIn Radio account. You'll have to do that too if you go that route.



Once you make your account be sure to go back in to your 192.168.1.105:9000 (make sure to use your IP address here) and log into your new mysqueezebox.com account.


Once you have this set up you are done. Plug your pi in somewhere, hook it to an amp or your stereo and go to the address of your logitechmediaserver in your browser and start streaming.


After you set up your mysqeezebox.com account and log in it should look like this (depending on what apps you selected) Note that my Squeezelite player "HiFiBerry" is selected in the upper right hand corner.



Now I'm playing music from FolkAlley.com. Highly recommended!




And that's it! Easiest Linux music server you'll ever configure. Feel free to leave me comments below.


Security Cameras

Decided to put a dedicated security camera up and put in the requisite homework. Rising to the top of most lists is the ReoLink RLC-410.




The prime reason I picked this camera is because it allows for local storage of your video files. Many cameras today which appear to be sleek and have tons of features usually have a pay service where your video files upload to. I find this to be somewhat objectionable. However at the cost of hosting your own files it requires tons of storage to run and record 24/7 and it can get a bit geeky. Fortunately, I'm a geek.


Another great aspect of this camera is that it is a Power Over Ethernet (PoE) device. That means all you need is a network cable and either a PoE switch (roughly $80) or a PoE injector (roughly $20). I opted to get a 4 port PoE switch so I can add some additional cameras later. Great thing about these switches is that if your device is not PoE you can still use the yellow ports as regular ethernet ports.



Chances are your porch doesn't have an ethernet connector out there so you'll have to get an ethernet cable out there somehow. In the case of my home it was pure hell. I had to walk the ceiling joists far enough back in my roof to where I could feed a 300' fish tape. Then I had to dis-join a piece of soffitt under my porch to attach the fish line to my CAT 5 ethernet cable.



Once I pulled it all the way through the attic I fed it down a wall in the garage where I wired it to a wall plate. And using my super geek skills and my Roland GX-24 vinyl cutter I made a yellow PoE label for the switch plate.



The Netgear PoE switch is mounted on the garage wall next to the ethernet wall plate. Don't mind the mess. All you need is the switch connected to internet and a cable going to your camera. I have a LOT of other things going on here.





After that I terminated a CAT 5 connector on the end of the cable and tested for network connectivity by using my laptop. Worked like a champ. So now I know that cable is ran and has connectivity.



Then it was just a matter of mounting the camera . I had to enlarge the hole quite a bit to stuff the connectors from the camera into the soffitt, then I just plugged it in and downloaded the Reolink app to my smartphone.




Here's the Mac version of the software.



Perfect. That's about all there is to it. I will say setting up the file recording location was somewhat troublesome. If I put it on my laptop then take my laptop to work..............No 24/7 video, only the motion alerts on the SD Card. So I opted to upload the files to my Mac Mini which stays at home all the time and is my music server. That worked perfectly. Then for some redundancy I installed an FTP server on my web and cloud server which has Ubuntu Linux Server installed on it. You could conceivably upload your files to any FTP server anywhere.


Reolink also has an NVR recorder which is basically a server for hooking all your cameras up to and storage for the video files. I'll look into that later when I get a couple more cameras up.


So here's a quick review with Pros and Cons..........


PROS


1. Inexpensive. Cheaper than most security cams.

2. Power over Ethernet.

3. App easily finds and configures camera.

4. Mac, Windows, iPhone and Android software.

5. 80 degree optical coverage. Huge.

6. Exceptional night vision performance.

7. LOCAL STORAGE OF VIDEO FILES.

8. No cables showing after installation, no power plug for the bad guy to remove.

9. Camera can record audio but you have to enable it and it's buried in the configuration.

10. Version I bought has a 16GB SD Card built in which holds motion alerts. More redundancy for recording.


CONS


1. Not much documentation. And the manual they give you is on a mini cd. Who has a laptop with a CD player that takes mini cd's these days?

2. Minimal directions for uploading to an FTP server. Not intuitive.

3. Software is a little clunky and non intuitive. For example I was getting a million motion alerts. Took me a while to find out you can block out zones in your optical coverage. Every car going by used to set off an alert and create a large file.

4. Didn't come with the latest firmware but it was easy to upgrade the firmware.


In my opinion the Pros outweigh the Cons by a LOT. For the price you cannot beat the RLC-410 and it contains features found in much more expensive cameras and the best reason is the fact you control the video files and don't have to pay $15 a month to essentially store and organize your video files.

Older Entries

26,796